Public sharing is, for sure, necessary for a cloud disk like Seafile.
BUT I have a concern on this feature if it is used as an enterprise solution. There are a lot of confidential files in Seafile, it is too easy to share a file to public internet. Even if the team members are well trained and familiar with the system, it is still possible, for example, in a hurry, or by mistake, make some confidential file public.
What make it worse is, the public share is the first tab and default tab in sharing session.
So my question is, may I stop the public sharing function in Seafile? (Internal sharing is fine as it requires credentials to access the file)
I can not find any switch in seahub_settings.py? Anyone has the same concern, any solution?
Just dig-out the solution here:
Add Role_Permssion configuration in seahub_settings.py.
Hello and welcome to the Seafile Community Forum.
You found the answer to your question yourself. Great!
Let me make one addition: Roles and permissions are a feature of Seafile Server Professional Edition. If you want to remove the “share link” part in the share dialog in Seafile Community, you would have to manipulate the CSS. This said, Seafile Professional is the right solution for enterprise deployment anyway.
Please mark the questions as solved.
Thanks for your reply.
Yes, at the very beginning, I think of hide the relevant block by css to “remove” the share link. But later I realized that the windows client share and the mobile app share can still be a source of leakage (although with a much lower probability). So for those need “zero accident”, using professional edition with a proper role and permission is the best solution.
You are absolutely right: When disabling the “share link” by CSS, you can still create share links by way of the client.
I would be cautious however regarding leakage prevention: If someone wants to leak information, he/she will find a way. Even when disabling the share link via roles & permission, files can still be downloaded…
You are right, I can do nothing if some one intentionally leak the files, it is more a legal issue than a technical issue. My purpose is to avoid any opportunity that might cause un-intentionally file leaking