We have a Phabricator installation which is mostly used for code reviews, task tracking and putting documentation in Phriction, File application receives attention only occasionally, but the problem that I noticed is the file F<ID> identifiers are not going up in +1 increments, but rather in our installation we have a streak like this (from most recent to least recent): F2072, F2005, F2003, F2002, F1972, F1970, F1968, F1880, F1879, F1730, F1728, ...

Looking at file ids in https://secure.phabricator.com/file/ - they are going in perfect +1 streak (on first page) and I'm starting to become paranoid about our installation. Could it be that someone is doing malicious activity by somehow exploiting File application?

Some details:

• Phabricator was most recently updated from origin/master in mid-October, but the problem started some time before (and still persists).
• We use a separate domain for uploaded files, as suggested in documentation.
• We use physically separate database for Phabricator.
• Phabricator has its own os user in the operating system and is limited to access it's home directory (which happens to have libphutil, arcanist, phabricator and tracked repositories).

@epriestley could you weigh in or point me in the right direction why would this happen?