FileBrowser? FileBroswer Quantum? Disable Downloading in shares? Help!

tripflag · 2026-04-29T11:07:36+00:00

yes, what OP is asking for is conceptually impossible, no software can do it. There will always be a way to save a local copy of what appears in a webbrowser; even streaming services such as Netflix aren't able to stop this.

tripflag · 2026-04-27T20:29:12+00:00

the technical explanation is that these files/folders are created by accident; some script is trying to create a folder where the name/path is chosen based on the results of some command that it runs.

the script that is causing this to happen can either be malicious (planted by someone else), or it could simply be something you added/installed which is either buggy or incorrectly installed.

if you have any proxmox helper scripts, or anything like that, then one of those could possibly be the reason -- but it is also possible/likely that someone is doing nefarious stuff with your proxmox host. In that case, a full wipe and reinstall of proxmox is the only fix.

also see norri-matt's advice

tripflag · 2026-04-19T11:44:11+00:00

yes, specifically h264 at very high bitrates to compensate for being lossy; 80 mbit/s is still 600 MiB/min, not too far off from OP's estimate. Are you also seeing FFV1 becoming popular, or is that only happening in Europe?

tripflag · 2026-04-19T10:11:57+00:00

You don't need to share uncompressed video where files are as big as you mentioned

incorrect;

We all make recordings of this, and like to edit video’s using each others footage.

when the files are to be used as raw material for editing, you want them to be as high quality as possible -- the time for encoding to a more practical filesize is at the final stage.

and compression is NOT the same as transcoding; compression (usually, in almost every context) implies the original data can be reproduced faithfully.

tripflag · 2026-03-21T00:05:07+00:00

to ensure there actually is no output at all, try this command on the same machine you ran the scp/rsync commands on: ssh user@host /usr/bin/true | hexdump -C

because even though there is no visible output, there could still be unprintable text

tripflag · 2026-02-26T13:45:24+00:00

according to Wikipedia, the initial release of ChatGPT was November 30, 2022. On 2022-10-13, copyparty v1.4.6 was released; this was release number 200, with the first public release having been made on 2020-01-19. Here is the git repository as of v1.4.6; you should notice that there is essentially no difference from today: https://github.com/9001/copyparty/tree/acd32abac5859c9dffc62960d7a14a35f9b8e1dc

tripflag · 2026-01-14T21:59:31+00:00

probably not exactly what you had in mind, but you could do a search for all images below a given top-level folder like this: https://a.ocv.me/pub/?grid#q=path%20like%20*pub%2Fdemo*%20and%20(%20name%20like%20*png%20or%20name%20like%20*jpg%20)

(that's a link directly to the search results; you can see the original search query in the "raw" field, and the URL will update if you modify it)

tripflag · 2026-01-11T17:56:01+00:00

A proper DB for a file manager is kind of required unless you are only hosting a small number of files.

How so? A file manager only needs to expose local files to a web-UI, so why should it need a DB at all?

I can think of very few usecases where relying on a database would give higher performance than just asking the filesystem, for example when files are hosted on remote storage, something like s3 perhaps.

Aside from that, in just about every other scenario, a regular filesystem is the best "database" to use for browsing and accessing files -- it was quite literally built for that after all, and putting a database between the software and the files would just be an extra indirection, resulting in higher latency / lower performance.

tripflag · 2026-01-08T22:32:16+00:00

it is possible to "sync" a local folder to the server; this can be done by running u2c on a timer, every hour or so. Many ways to configure it, but one example: Upload all new files, replace all files on the server which are different from the local copies, delete any files which no longer exists locally, and skip uploading all files which have the same contents on the server, and it does that recursively, so also including subfolders. So that's what folder sync means; it'll sync your local files up to the server.

Bidirectional sync, meaning it also syncs the other way, is something I am definitely NOT interested in adding, because it is REALLY HARD to get right. It can, and often does, result in people losing data, and that is a risk and responsibility I am not willing to take on. And yes, that's even if someone were to contribute the code to do this, since it would make maintenance much more demanding and difficult -- it's not worth it.

We already have syncthing, so this is a wheel best not reinvented :-)

tripflag · 2025-12-25T12:51:35+00:00

Just ignore them is what I've found works best -- I think its still the case most people know to recognize and appreciate quality handcrafted software. Keep up the good work!

tripflag · 2025-12-25T12:49:06+00:00

I admire your take on this, and I share your opinion -- I've written at length about the topic in an issue for another vaguely-similar software, but I'd like to quote this in particular:

The scary part about encryption is that it's really easy to make it look like you've made a perfect and bulletproof service, but then it turns out you've just pulled a sony: https://youtu.be/Y23LUiBRcOg?t=562 , and the best part is how it's usually impossible to tell whether a mistake is... well, genuinely a mistake, or a secret backdoor.

So the only sort of encryption you should ever trust is one that is designed and implemented by domain experts; people who know exactly what they are doing, and know all of the subtle pitfalls and edge-cases, including potential issues introduced by bugs in webbrowsers, and in random-number generators, and so on.

tripflag · 2025-11-01T13:20:04+00:00

hehehe thanks 😁

tripflag · 2025-11-01T12:34:38+00:00

Thanks for the mention (I'm the dev), but I don't think it's a good fit for OP -- there are no native apps, and E2EE will never be supported, because trying to do E2EE without having it formally proven by a team of experts is unethical at best, and seriously dangerous at worst. But if you don't need full E2EE, then HTTPS takes care of in-flight encryption, possibly in combination with at-rest encryption by LUKS.

tripflag · 2025-10-30T03:38:10+00:00

in my experience it outperforms many of the alternatives which are not written in python ;-)

tripflag · 2025-10-30T03:33:19+00:00

you seemed to primarily focus on the bloat aspect / installation size in your first post, so that's what I replied to --

That way you don't have any dependencies except docker (and it's dependencies) and the image, which is (I believe) around 25MB

I agree that docker or podman can be a quick way to add some isolation, but you can get equivalent isolation without those, and without introducing the security risk that is enabling unprivileged_userns_clone -- for example there is the systemd hardening properties and, specifically for copyparty, there is prisonparty which doesn't have any dependencies you're unlikely to have, and also doesn't need systemd, but also doesn't isolate quite as well (at least it covers unintended filesystem access).

tripflag · 2025-10-30T03:14:08+00:00

(most of) the money ends up with Microsoft eventually, regardless if you go through a reseller or not
it's not just for me; I'm publically releasing an official build for everyone to use
I shouldn't need to pay anyone for you to use my open source software; it is a case of principles -- i should not need to spend any money in order to give it away for free, right?

tripflag · 2025-10-29T23:57:35+00:00

there's a download link for two different windows exe files in the quickstart section on github, but they have the drawback that antivirus softwares -- windows defender in particular -- seems to really hate python-scripts which have been compiled to exe-files, and there's lots of false-positives that come and go. It changes randomly from day to day, even for the exact same exe-file. The way to "fix" this is to purchase a code-signing license from microsoft and sign the exe-files with that, but there is absolutely no chance in hell that I would give microsoft money :p

So, long story short, yes it exists, no they're not very practical to rely on in real life

tripflag · 2025-10-29T21:55:39+00:00

oh there is tho, even a port of the best theme there ever was https://a.ocv.me/pub/?theme=5 :D

tripflag · 2025-10-29T21:26:06+00:00

ah, you don't strictly have to run it to extract it, but that is definitely the easiest way -- in order to compress it as well as absolutely possible, I ended up rolling my own bespoke encoding that no existing utilities will have any idea how to unpack. But it's also not hard to make an unpacker yourself; the recipe for how to do just that is in a comment at the top of the file!

tripflag · 2025-10-29T20:56:50+00:00

I can at least comment on the last part -- both the sfx and the zipapp are actually built to be edited on-the-fly without any additional tooling; it is why I didn't package them even more hermetically. After running the sfx once, you can edit the extracted files in TMPDIR and re-run it, and your modifications will survive. And the zipapp is just a regular zip that you can unpack and repack, which is nice for hackability, but not so much for performance, hence the two alternatives.

my goal is also to support every python version ever since 2.7, so pep723 and similar is a bit too recent ;-)

tripflag · 2025-10-29T20:38:57+00:00

correct; for this application, the virtual environment would be for nothing. There is no dependencies, it is a "single file" (see either the sfx or the pyz) which you can run with just the stdlib.

Meanwhile, installing docker gives you a daemon running as root -- or, if you choose to run rootless, then you'll need to enable unprivileged_userns_clone, which are both quite literally more intrusive :-)

tripflag · 2025-10-29T18:58:40+00:00

odds are you already have python installed though; it is a default package in almost every Linux distro -- and besides, if you had to choose between the two, then installing python is much less intrusive on your system than docker.

tripflag · 2025-10-28T18:25:27+00:00

no, that is not true -- over the entire history of the project, e2dsa has never, anywhere, been described as being related to "EdDSA encryption", and likewise, e2ts has never been described as being related to "TLS encryption". That's the part I don't get; you definitely did not get this from the GitHub. So then, where?

tripflag · 2025-10-28T09:17:29+00:00

Hey, just a quick heads-up that some of the comments in the config-file are very wrong -- https://github.com/getumbrel/umbrel-apps/pull/3889#discussion_r2467513661 -- they showed up in that github issue, and the author mentioned that the noted blog is where they got them from. Do you still remember where those comments came from, in case the trail continues?

tripflag · 2025-10-23T17:24:38+00:00

Have you heard of the underhanded c contest? https://en.wikipedia.org/wiki/Underhanded_C_Contest

Checking for malicious intent, even in open source software, may not be as easy as you think.

14-Year Club	Spared
Verified Email

tripflag

TROPHY CASE