[jeroenhd]

You could create a sharing mechanism, though; let the desktop client encrypt a copy of the file with a randomly generated key and share that key in the download URL like Mega does it.

Requires extra data transfers and extra storage, but for small files that seems doable without invalidating the master password setup. You do end with two separate encryption systems, though.

A more scalable solution would be to encrypt every file with a different key and encrypt the key store with the master password (but that would obviously require a relatively extensive rewrite). You'd be able to get more fine-grained file access without sacrificing the single master password setup.

That way, you can simply share the file key when you want to generate a share link.