API access control.

[farhoud]

File protocol does not have access control.
So if you connect it to public network any one can use it to upload and download from them.

[gitaaron]

So currently if I run the cluster with docker-compose it is not connected to the public network?

However, if we wanted to make it available to signalling server then we would have to make it available to the public network?

Is it the bootstrap server list that determines that?

[ehsan6sha]

@farhoud can you elaborate a bit? When we say File Protocol does not have access control?
I mean right now, we encrypt the file and upload it, and then when we share we go through the security layer that Jamshid designed. what part is still not encrypted?

[farhoud]

@gitaaron currently its disabled in code for bootstraps but wrtc still connect box to network which should be removed.

@farhoud can you elaborate a bit? When we say File Protocol does not have access control?
I mean right now, we encrypt the file and upload it, and then when we share we go through the security layer that Jamshid designed. what part is still not encrypted?

@ehsan6sha you can not control who is connecting to your box, data is encrypted but anybody in the network can use any box as their storage.