Hi,
This is more a question than a request for support, so feel free to move my post in the appropriate section if it doesn’t fit this one. I didn’t find one, please accept my apologizes if it’s because I missed it.
My situation is quite simple. My own personal Nextcloud server is ranked A+ according to https://scan.nextcloud.com and the one of the institution I work for is ranked F (yes, I triggered a new scan to be sure).
I sync my work between my PCs and my Nextcloud server but, quite often, I need to share documents with teammates. For that, I use federated share, and it works well enough.
Nevertheless, I’m wondering in what extent sharing stuff with someone on a ranked F server puts an A+ server at risk. Is it safe or not?
I’ll try to further the discussion… with the disclaimer that I’m still getting experienced with Federation Sharing so it’s relatively new to me… This is simply my current thinking, but not my final thinking.
That’s a challenging question to answer in a simple way mostly for two reasons:
risk is in the eye of the beholder
configuration specifics
But keep in mind:
Federation mostly relies on public link shares so if you’re already exposing/accepting that code path then Federation Sharing isn’t adding (much) more to that risk-wise
You don’t have to set the other server as a trusted server which will further minimize the attack surface created by federation mode (trust is used for directory exchange for things like auto-completion)
