> The whole fs is a very bad idea, but I do not see a reason against > exposing /home/dmeyer/shared to the rest of the world.
I do. Once you start exposing a part of your fs, you are opening the door to a lot of trouble: users accidentally exposing their whole hard drive, your software suddenly having very security-critical code for which even the smallest bug can have big consequences, ... Personally, I wouldn't trust running an IM client with this functionality (assuming I know my client has this functionality). I realise that even without this, a client could still 'accidentally' expose private information to your network, but the chances are a lot bigger if ther is code that explicitly shares files from your local filesystem. cheers, Remko
