Syncplify Server! V7 Improves VFS Security
How the new Virtual File System architecture in Syncplify Server! V7 helps boost your Data Protection even further
As you all know, Syncplify Server! is the only enterprise-grade secure file-transfer server that has no known vulnerability (CVE) listed in the NIST NVD, and has never been hacked, not even once, since its first release back in 2014.
But our development team doesn’t use this as an excuse to become complacent. Instead, we constantly strive to make our server software safer with every new major release, and V7 will be no different.
One key aspect in which V7 will provide a significant security improvement over all of its predecessors is its Virtual File System (VFS) permission-enforcement subsystem.
In all versions released to date (V1 through V6) this permission-enforcement subsystem was exclusively bound to each individual client session, allowing or preventing a VFS operation before any request to the actual VFS was made, as shown in the picture below.
As you can see, in our V1-V6 operational model, the security of your data is enforced by two separate actions: request permission first, then request the actual file/directory operation afterwards but only if permission was granted. These two operations are forced to happen in sequence, so there is no attempt to access the VFS unless the Session-Based Permission Enforcer has explicitly granted it.
This is pretty safe against all in-session attacks (which are the vast majority of all possible attacks) but since the Permission Enforcer and VFS share the same runtime context, an argument could be made that a bug in our underlying code (or even in the compiler) may still offer a tiny (yet non-zero) window of opportunity.
For the record, we’re not aware of any such bugs in our code or in the compiler; this scenario is purely hypothetical. It still warrants the question: is there any way we can make this entire process even stronger? It turns out that there is.
Here’s how that subsystem works in V7:
As you can see, V7 will feature 2 (two) distinct Permission Enforcers: the same Session-Based one found in all prior versions, and a completely new VFS-Based one running in a 100% separate (air-gapped) runtime context.
When a client requests a file/directory operation from Syncplify Server! V7, the request is first run through the Session-Based Permission Enforcer, which runs in the same context as the protocol-handler in the worker process (just like in V1-V6). Then, after the request is handed over to the Virtual File System, the VFS itself carries out a second, 100% independent permission check, which runs in a different and separate runtime context to which the connected session has absolutely no access.
Only when both of these air-gapped Permission Enforcers have provided consistent results is the file/directory operation allowed.
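The two-check flow described above, modelled as an added illustration that is not Syncplify's code: every class and function name, the policy layout and the simulated session-side fault are assumptions. It shows why the second check matters: when the session's own rules are wrongly widened, the VFS still denies the request from its separate copy.

```python
import posixpath

# Constructed policy: user -> [(virtual path prefix, allowed operations)].
POLICY = {"alice": [("/home/alice", {"read", "write"}), ("/pub", {"read"})]}
FILES = {"/home/alice/a.txt": b"alice data", "/etc/secret": b"not for alice"}

def canonical(path):
    """Collapse '.', '..' and repeated slashes before any prefix comparison."""
    return posixpath.normpath("/" + path.lstrip("/"))

def allowed(policy, user, op, path):
    path = canonical(path)
    return any(op in ops and (path == prefix or path.startswith(prefix + "/"))
               for prefix, ops in policy.get(user, []))

class SessionEnforcer:
    """First check, in the session's context (hypothetical name)."""
    def __init__(self, policy):
        self.policy = {u: list(rules) for u, rules in policy.items()}
    def check(self, user, op, path):
        return allowed(self.policy, user, op, path)

class VFS:
    """Keeps its own policy copy and re-checks every request it receives.
    Objects only model the separation; real isolation needs a process boundary."""
    def __init__(self, policy, files):
        self._policy = {u: list(rules) for u, rules in policy.items()}
        self._files = dict(files)
    def read(self, user, path):
        if not allowed(self._policy, user, "read", path):
            raise PermissionError("VFS enforcer denied " + canonical(path))
        return self._files[canonical(path)]

def handle_read(session, vfs, user, path):
    """The operation runs only when both enforcers allow it (fail closed)."""
    if not session.check(user, "read", path):
        raise PermissionError("session enforcer denied " + canonical(path))
    return vfs.read(user, path)

def demo():
    session, vfs = SessionEnforcer(POLICY), VFS(POLICY, FILES)
    results = [handle_read(session, vfs, "alice", "/home/alice/a.txt")]
    # Simulated session-side fault: the session's rules are wrongly widened.
    session.policy["alice"].append(("/etc", {"read"}))
    for path in ("/etc/secret", "/home/alice/../../etc/secret"):
        try:
            results.append(handle_read(session, vfs, "alice", path))
        except PermissionError as exc:
            results.append(str(exc))
    return results
```

Calling `demo()` returns the permitted file contents followed by the two denial messages raised by the VFS-side check.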
You may be wondering: will this have a negative impact on performance? Well, no. As you can see from this other post, the VFS subsystem in V7 will not only be more secure but also ~3x faster (on average) than any version before it.