Is not using .js files as a DB on servers quite dangerous and prone to cause vulnerabilities? #11
Description
This all sounds nice to store data in .js files directory, however, is not this quite dangerous when you think about it?
The problem
Because as soon as you use it for some sensitive data of some kind – which almost always happens when you use a database, even aggregations of what seems to be quite public data can be sensitive – it gets somewhat critical. (And BTW; you talk about privacy in your Readme, so clearly you consider the fact that there could be private data in the DBs.)
The technical issue of course is easy: By default, when .js files are placed on a webserver, anyone can download them, as .js files are of course intended to be used like databases.
This is not at all theoretical. After all data leaks are very common and simply downloading files from random webservers under well-known locations is somewhat shockingly incredible common, so that even tools exist to automate that. See also the list of breaches and linked news articles here which have all that in common. And people forget .git directories or saved nano/vim backup copies of files… so it is easy to forget. Or database dumps… etc. See the talk also linked there e.g..
I could go on here, talk about a vulnerability/problem in a project I am affiliated with, where we ended up using a config.ini.php instead of config.ini file, because that is guaranteed to be parsed by most web servers by default and thus won't expose sensitive data. (That's also why most public CMSes based on PHP e.g. do it like this…)
Solution?
It may be obvious to you that of course you should not use the project like this/keep the database files private, but stating the obvious is always a good idea when it comes to security.
As such, at least document that you (obviously, as said, but well… keeping .ini files private is also obvious, yet it happens that these are exposed due to accidental misconfiguration etc.…) should somehow place the files into a directory not-accessible by any webserver. Maybe you can also do some further hardening with user permissions, SeLinux or webserver onfiguration…
E.g. what may an – arguably ugly – workaround is if you save your files as database.js.php, which makes the files being non-accessible if they are on a PHP-compatible webserver. Otherwise, a different file ending such as .jsdb or another not-served by webservers file extension may be used – though of course the protection effect depends on how webservers treat such a file extension by default. (After all, remember people are lazy… manually adjusting webserver configs is likely not being done. 😉)
Also, of course, it should be remembered people may take this into care when directly working with this here, respectively, if they know they work with that here. However, when used in third-party projects like your Site.js that information/risk can soon be forgotten about.