From 9ce2a744868dafb834942c39273ba427119b7802 Mon Sep 17 00:00:00 2001
From: nycki <nupanick@gmail.com>
Date: Mon, 17 Mar 2025 20:03:24 -0700
Subject: [PATCH] blog update, don't use filebrowser

---
 content/blog/23-filebrowser-auth.md | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/content/blog/23-filebrowser-auth.md b/content/blog/23-filebrowser-auth.md
index 4e74b6a..62ac11c 100644
--- a/content/blog/23-filebrowser-auth.md
+++ b/content/blog/23-filebrowser-auth.md
@@ -1,5 +1,5 @@
 ---
-date: 2025-02-04
+date: 2025-03-16
 title: filebrowser auth
 description: look ma no keycloak
 tags:
@@ -84,3 +84,7 @@ References:
 - <https://stackoverflow.com/questions/724599/setting-up-an-apache-proxy-with-authentication>
 - <https://serverfault.com/questions/45278/authenticate-in-apache-via-system-account>
 - <https://serverfault.com/questions/207301/get-the-authenticated-user-under-apache>
+
+Update 2025-03-17: Don't do this until this issue is resolved: <https://github.com/filebrowser/filebrowser/issues/2658>
+
+Basically: filebrowser does all operations as root, including file creation. So even if you restrict a user to their home directory, all the files they create will belong to root. Less than ideal. I'm looking into [ifm](https://github.com/misterunknown/ifm) as an alternative.