Is it safe to use `.data` folder to store (sensitive) database files


#1

I love that Glitch allows us to write files to the file system. That way I was able to create an example Hoodie app which even persists user data, and people can remix it and it works out of the box for them, without any configuration :clap:

Now I’m not sure about the .data folder. On the one side I keep reading that you recommend it to store your database files there, on the other side you say that the .data folder is readable by others.

But I can’t see the .data folder in my side bar, not even when signed in. Even if I know the location of a file, I can’t open it, for example: https://glitch.com/edit/#!/hoodie?path=.data/data/hack.json:1:0

So I’m not sure if I can recommend people to use Glitch to experiment with Hoodie or not, because I’m not sure if it’s only a bug that keeps their sensitive database files from being exposed to everyone.

Can you please clarify that, maybe also in the FAQ?


#2

The design intention is that .data/ should be secure for storing data specific to your app, like a local database. There’s currently a bug which is an irregularity with how we handle files created in the .data/ folder from the editor. If you create a file in the .data/ folder from the editor then it will appear in the editor until the container restarts and other people viewing the editor can see it. This shouldn’t affect files created from your application code.

There’s some other edge cases with editing files in the editor created from your application or console that we hope to fix soon:tm:.

tldr; if your app creates a database file in the .data/ folder it should be safe to remix. Don’t create file in .data/ from the editor to avoid any weirdness. We have plans to fix up these edge cases in the future.

Hope this helps and if you notice anything that doesn’t match with this description please let us know so we can fix it or bump up the priority on tying up these loose ends :slight_smile:


#3

Has this been resolved, or should users still only create files from the application itself?


#4

@DanielX I think it might be difficult or unintuitive for many use-cases to first write code to create files and then change to code to only read/write existing files.


#5

Hi @janniks, welcome to the Glitch Forums!

This is still a concern for editor-created files in hidden folders. One thing that’s not mentioned here that can help alleviate the concern is that you can use the project’s console (which you can view by opening the Logs pane by clicking on the Logs button under your project’s name and then clicking on the Console button) to execute the refresh command, which will update the editor with all of the new files and their appropriate visibility rules.

Hope this helps!


#6

That does help! Thanks :raised_hands:

~It it possible to create the file via the console?~ Does the problem exist for files created via the console as well?

Please add some more information to the documentation on secrets, etc. - it is not very clear what is secret and what is just project-based. :rocket:


#7

If I run refresh after creating a file named .data/filename.txt it does not show up in the editor anymore. It still exists, when browsing via the console, but doesn’t show up in the editor.

The same goes for files created via the console.


#8

That’s what I was suggesting - if you create a “secret” file in the editor and want it to be hidden right away, running refresh forces the restart that @DanielX was talking about. Is that not what you were asking about?

I’ll add those help doc updates to our list of planned updates.


#9

I understand.

But are these dotfiles files only hidden or secret or both?

For example the .env file is technically a hidden file (even though it is shown in the editor sidebar) and it is secret as well, if somebody clones the project or looks at a public project, everybody has their own version of the .env file, correct?

Now what about files in .data/ or any dotfiles for that matter? Are they only hidden, but technically readable by others that view a project? Or are they also secret and will show every user (not regarding teams/collaborators) a different version of the file?

The help-center simply states:

In addition, creating a folder called .data is a safe place to store your data files. This folder isn’t copied across when a project is remixed.

That could mean it isn’t copied to a new project, but may or may not be visible in a public project to anybody. (In this case anybody could inspect/read the sqlite database of the dreams project if it’s set to public)


#10

Glitch has a global gitignore file that prevents certain files and folders from a) being shown in the file list, b) being tracked by git (which also drives Rewind), and c) being copied to a Remix. You can see this list of files and folders using cat cat /etc/gitignore-global.

“Hidden” files not in this list (like an arbitrary “.something” file or directory) will be hidden from the file list by virtue of them being hidden files, but will be committed to the git repo upon Checkpoint (every 10 mins) and will show up in Rewind and in Remixes.

Files that are not displayed in the file list can only be viewed in the console, and community members can’t open the console on any project they don’t belong to, including public ones. They can, however, remix the project and will be able to view any hidden-but-not-secret files in the remix per the rules above. In your specific example, the sqlite database file won’t be visible to non-members and will not be copied on remix.

Does that make things more clear?


#11

This is great! Thanks for clearing everything up and responding so quickly! :airplane: Would love to see your last reply make it to the help-center/documentation! :wink: