Inquiry Regarding File Handling & External Storage Access Security issue in ReactNativeBlobUtil.

[praveen-18m]

Hello ReactNativeBlobUtil Team,

We are currently performing a comprehensive security assessment of our mobile application, which integrates the ReactNativeBlobUtil library.
During a recent static security scan, two potential issues were flagged related to file handling and external storage access:

---

1. Unsafe Files Deletion
The scanner flagged possible risks related to file deletion where files handled by ReactNativeBlobUtil might not be securely deleted, potentially leaving residual data artifacts.

2. Read/Write Access to External Storage
The scanner detected usage of Android’s external storage APIs, which can pose a risk of unintentional data exposure if files are stored in world-readable locations or accessible to other apps.

---

Our questions for you:

1. Does ReactNativeBlobUtil ensure secure deletion of temporary or persisted files (e.g., overwriting before deletion, avoiding residual artifacts)?
2. When files are written to external storage via ReactNativeBlobUtil, are there best practices or configuration options recommended to minimize security risk (e.g., private app directories, storage scopes)?
3. Do you have documentation or security guidelines clarifying how file access and deletion are handled securely within the library?

Your assistance in clarifying these concerns will help us document safe usage practices and ensure compliance with security standards such as OWASP MASVS.

We are happy to provide relevant scan excerpts if needed. Thank you in advance for your support.