How does oC handle administrator access to private user folders?

oc-internals

#1

Good evening,

I want to deploy an oC-Server on a virtualized machine for my family. I have full control over the host, the guest (obviously) and oC (even more obvious).
I can't blame them for preferring not to have a relative with full read-write access to their personal data.
So is it possible to "lock out" the system and oC admin from the users' private folders?
I read that the oC admin can reset user passwords at any time so even if I weren't able to view the files directly I could still log in as that user.
Does the oC-Server application also protect the folders from a system admin point of view? But thinking about that, since the root-user (which I am) is the god of said system, nothing could stop me anyway, could it?

Sorry if I made a duplicate post but I couldn't find any specific information on that topic.

Greetings

steve


#2

It is possible with the private password encryption. However that type of encryption has severe disadvantages. If the password is lost - it is lost and the files are not recoverable.
Another option would be encryption with cryptomator for your family for some folders ... again when they lose the keys those are gone ...

In corporate settings there is a variety of tricks to achieve this, including a commercial E2EE solution we are working on and the ability to put a masterkey into an HSM and load from there via environment variable ...