Sorry to revive this old thread but I need your clarifications please:
So, to my understanding private files on Phabricator are not really private as they could be accessible for people without permissions. In fact files are just obscured behind some random URLs. Is that right?
Then, how can we make sure that private files uploaded on Phabricator can not be leaked to outside of the organization / company? Is there any setting or any other option?
I have uploaded a file as an admin user, changed visibility to “no one” and then tried to view the file from an incognito browser (not logged in) and I am able to view the file. So, users with accounts in our internal phabricator installation can not have access to the file but anybody (even without an account) can view it just by knowing the link?
What am i missing here?