Security and 'rclone delete'

In my last post I learn't about rclone delete, which is a bit worrying.

I have a cloud folder full of many shared folders and the 'remote:' directory is configured to point to the root of my Google Drive by default.
I installed my rclone.conf file onto all of our CI servers.

I'm therefore worried about someone using the following command:
$ rclone delete remote:

Will the above wipe out the whole of my google drive along with all the company shared folders??
If so, what security measures can I setup within rclone to prevent this and is it possible to point 'remote:' to a sub-folder on my Google Drive instead of the root of my Google Drive?

Possibly, yes, depending on the exact permissions. However it puts things in the trash by default...

Yes you can set

  --drive-root-folder-id string   ID of the root folder

or the config file equivalent root_folder_id

You can also oauth read only if you don't want rclone to be able to touch stuff.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.