Dev Log #03 | When Auto Organization Meets Security

Opening
Last week we discussed FinalPlace’s overall progress in the dev log. This week we want to talk specifically about something “invisible but crucial” - security.
For a tool that automatically moves, renames, and even deletes your files, convenience without security is an unheld knife.
So this week, we invested heavily in security protection.
Three Security Lines of Defense
First Line: Command Injection Protection
If a malicious filename contains something like ; rm -rf /, a file management tool that is not strict enough might execute it as a command when processing the file.
Sounds extreme? But as a locally running tool, we must assume the worst-case scenario.
This week we comprehensively audited the filename processing chain, ensuring all filenames undergo strict escaping and validation, completely eliminating command injection risks.
Second Line: Zip Bomb Detection
A “zip bomb” is a specially crafted compressed file that, when decompressed, expands to enormous size, potentially crashing your system or filling up your hard drive.
Our protection:
- Scan compressed files before extraction
- Detect abnormal compression ratios
- Warn or refuse to process suspicious files
Third Line: Path Traversal Protection
What if a rule accidentally moves files to the wrong location?
Our protection:
- Validate all target paths before moving
- Ensure paths are within the user-specified workspace
- Block moves to system directories (C:\Windows, etc.)
Safe-Move: Security in File Moving
Moving files across drives is high-risk. What if power goes out mid-move?
Our Safe-Move protocol:
1. Copy First
- Copy file to destination completely
2. Verify
- Check integrity (size, hash)
- Only proceed if verification passes
3. Delete Source
- Only delete after verification
- If verification fails, keep both copies
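The copy, verify, delete sequence above, written out in Python. This is an added example, not FinalPlace’s own code; the function names, the injectable `copy` parameter and the choice of SHA-256 are assumptions.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream the file through SHA-256 so large files are not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return digest.hexdigest()


def safe_move(src: Path, dst: Path, copy=shutil.copyfile) -> bool:
    """Copy, verify, delete. Returns True only if the source was removed."""
    if dst.exists():
        raise FileExistsError(dst)  # never overwrite an existing file
    copy(src, dst)  # Step 1: copy the file to the destination completely
    with open(dst, "r+b") as fh:
        os.fsync(fh.fileno())  # flush the copy to disk before trusting it
    # Step 2: verify integrity; size is the cheap check, the hash the real one.
    same_size = src.stat().st_size == dst.stat().st_size
    if not (same_size and sha256_of(src) == sha256_of(dst)):
        return False  # verification failed: keep both copies
    src.unlink()  # Step 3: delete the source only after verification
    return True


def demo() -> dict:
    """One clean move and one simulated bad copy, both on constructed files."""
    def corrupt_copy(s, d):  # constructed fault: same size, last byte flipped
        data = Path(s).read_bytes()
        Path(d).write_bytes(data[:-1] + bytes([data[-1] ^ 0xFF]))

    with tempfile.TemporaryDirectory() as tmp:
        a, b = Path(tmp, "a.bin"), Path(tmp, "b.bin")
        for f in (a, b):
            f.write_bytes(b"constructed sample data" * 1000)
        ok = safe_move(a, Path(tmp, "a.moved"))
        bad = safe_move(b, Path(tmp, "b.moved"), copy=corrupt_copy)
        kept = b.exists() and Path(tmp, "b.moved").exists()
        return {"ok": ok, "src_removed": not a.exists(), "bad": bad, "both_kept": kept}


if __name__ == "__main__":
    print(demo())
```

Because the source is deleted last, an interruption at any earlier point leaves the original file in place; the simulated bad copy has the same size as the source, so only the hash comparison catches it.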
Our Security Philosophy
We believe:
- Local-first: Your files should never leave your computer
- Transparent: No hidden network transmissions
- User-controlled: You set the rules, we execute them
- Auditable: Every operation can be traced and undone
Security isn’t a feature. It’s a foundation.
FinalPlace - let every file find its correct home.