Page 2 of 2

Re: Extend FileBot or FileBot-Node into full API

Posted: 01 Aug 2019, 11:51
by devster
Solution 2 is certainly feasible, it's also fairly insecure.
Containers usually (e.g. docker does it by default), run as root on the host machine and provide a root user inside the container.
Breaking these boundaries is one of the major points of attack and allowing code execution within a container (possibly on a machine exposed to the web), is subject to vulnerabilities.

I'm currently using option 1, but it's unfortunately not as smooth as I'd like.

The most comprehensive solution would probably be to have a FileBot daemon with an API that can accept commands sent by filebot CLI. This would be a big change, the only example that comes to mind is FlexGet, which now provides both a cron-based script to including a daemon (as far as I remember since v2).
I would however point out that despite the usefulness of docker for home users, the intended use is probably enterprise with much larger and distributed infrastructure.

Re: Extend FileBot or FileBot-Node into full API

Posted: 01 Aug 2019, 12:50
by rednoah
A notable problem is that if you can run any filebot command, then you can pass in any -exec option, which means you can effectively run any command via filebot post-process commands.

Also, since you can do that with FileBot Node WebUI too, the FileBot Node service should never ever be connectable to anyone but yourself, especially if you're running it without authentication.

Re: Extend FileBot or FileBot-Node into full API

Posted: 13 Aug 2019, 10:54
by devster
In my view, that argument works in favour of a daemonized FileBot with an API and without an -exec bit, pure renaming service with additional tasks left to the user.