[Owncloud] Accessing files outside the users home folder

Fri Jan 20 16:48:51 UTC 2012

On 20.01.2012 01:06, Robin Appelman wrote:

Hi Robin,

> Trowing some idea out here for whoever is interested and/or wants to provide
> some ideas or feedback.
Please take into account that I haven't worked a lot with OC_Filesystem 
yet, so maybe that my comments feel stupid here and there...
>
> Currently the only "correct" way of accessing any file of a user, oc_filesystem,
> is limited to files within the users home folder (/username/files in the
> complete virtual filesytem).
> While this is fine for most uses, there are plenty of valid cases where an app
> needs to access files outside the home folder.
This rings a bell for me. Imagine in the future, we make it way easier 
to upload apps on an owncloud, ie. writing apps could become as easy as 
writing macros in a text processor and the users can upload their apps 
into their ownCloud. In that case it would be cool to have a hard jail 
to the user directory for apps. But as I wrote it I realize that its 
probably hard to prevent a 'bad' app from accessing the file system at all.
Anyhow, if we allow apps to get out their jail easily that raises the 
risk for security issues if things go wrong somewhere.

> Sharing needs to access files
> owned by other users, gallary needs to store thumbnails of photos and
> galleries and media might want to store album covers somewhere.
The gallery- and media-example sound like a usecase for a kind of /var 
directory, which contains data that is not neccessarily user related 
(such as cover pics) and/or is fluent and can be reproduced. Moreover, 
these data will probably always be local, right?

It might be an alternative to not change the OC_Filesystem for the 
benefit of hard jailing and implement a class that supports the 
var-directory-functionality that can be used for this kind of data.

> All apps that currently need to do something like this currently have their
> own implementation that bypasses oc_filesystem partly of completly, while that
> may work for now, bypassing oc_filesystem would, in the future, mean not having
> things like encryption, metadata storage or not having the file at all due to
> it being mounted from a remote source.
Yes, thats bad.

> My idea for providing a proper way to access files outside the users home
> folder without making oc_filesystem harder to use for 90% of the use cases is
> to add a new class oc_filesystemview, which can create a "view" into ownCloud's
> virtual file system simular to oc_filesystem, only without having to be locked
> into the users home folder.
>
> Every view can have it's own chroot, giving it access to a part of the
> filesystem and will provide the same functionality oc_filesystem provides.
> The sharing app could create a new view on /otheruser/files to gain access to
> the files and application that need to store files outside the users view can
> create a view on /username/appid.
The view idea also sounds clever to me.
>
> To retain compatibility with the current way of using oc_filesystem,
> oc_filesystem will provide a static default view on /username/files with zero
> api changes for apps using oc_filesystem the "normal" way.
Would that mean that existing code have to be adopted to the new view 
classes?
>
> Looking foreward to ideas/feedback on this increasingly relevant topic.
Thanks for sharing, I hope my ideas aren't too fanciful :-)
>
Klaas