Don’t even get me started… I just made a huge comment about the clown-nature of this thought-process.
I think it all boils down to experience. Some people need time to understand how to make their systems secure (including myself). It took me years of experience to learn how to raise all defenses to ensure security in all my self-hosts.
The concern isn’t that CF is reading your data. It’s that 3-letter agencies can read your data at will, since they always make these deals with large companies to have open-hose access to all the data. There was a scandal that Facebook had a special access page for those people.
You might think you’re innocent, and you’re a good person, so nothing to worry about. This is the old “I have nothing to hide”, but this isn’t how the world works. People who want to get you can pull strings to get anything they want from government institutions. After all, government is just people. It’s not a benevolent being.
Now all this is unlikely, granted. But the task of a good security setup isn’t to make it impossible to hack you, but it’s to make it hard enough and costly. I’m quite sure there’s a zero-day somewhere that can hack my bare-bones Linux servers, but good luck breaking the 10 layers of security I have before even reaching these servers to find something remotely valuable about me. I don’t need to make concessions in that regard. You don’t have to trust anyone.
I would say Seafile, and especially their webserver “seahub”, which is written in Python and Django, is just pure garbage. I’m using Seafile since 2012, and I’m honestly so sick of its problems. It just crashes for no good reason, and the encryption is extremely mediocre (there’s been issues about it). I have it behind my VPN so security isn’t a big deal.
Because it’s written with the garbage Python + Django, just try moving your installation to a new version… and you’ll be stuck with a very specific version of a bunch of libraries or otherwise seahub won’t even launch… and to make it even better, you don’t get anything on stdout/stderr to tell you what’s wrong, unless you launch Seahub in a specific configuration mode (WSAPI or something?).
Seafile has become so bad that I stopped caring about tracking its issues. I set my docker container to just restart on health checks’ failure, and forgot about it. My status tracker shows that it’s shutdown, and eventually it’ll restart. “Hey look, Seafile is down.” And I respond “That’s OK, dear, just give it another 15 minutes and it’ll restart”. This is my status on Seafile.
I think Seahub needs a complete revamp.
Those guys coded Seafile like a decade ago and they don’t care about fixing it anymore. Github is cluttered with issues.