matrix-ios-kit icon indicating copy to clipboard operation
matrix-ios-kit copied to clipboard

Published 20 hours ago verified publisher icon matrix-org

MXKAccountManager: accounts are stored in a discardable cache files when no app group id is available

Open giomfo opened this issue 6 years ago • 1 comments

When no application group identifier is defined, the Matrix account credentials are stored in a discardable cache files (Library/Caches).

Indeed the [MXKAppSettings cacheFolder] used in MXKAccountManager: https://github.com/matrix-org/matrix-ios-kit/blob/2a57b54f7738df10d7fec13fa0da8a929d4c0372/MatrixKit/Models/Account/MXKAccountManager.m#L496 returns this folder when no group id is defined, see: https://github.com/matrix-org/matrix-ios-kit/blob/2a57b54f7738df10d7fec13fa0da8a929d4c0372/MatrixKit/Models/MXKAppSettings.m#L77

A new method should be added to MXKAppSettings to return an applicationSupportFolder (based on NSApplicationSupportDirectory), then the MXKAccountManager will be able to use it to store account data (when no group id is defined).

giomfo avatar Jan 09 '19 13:01 giomfo

We experienced this, too.

See here, why that is a bad idea:

https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html (Under "Where You Should Put Your App’s Files")

It seems, on storage constrained devices, this can happen fairly regularly. My guess is, esp. when the App Store app loads updates and needs to keep these somewhere until they're complete.

It obviously copies this behavior from MatrixSDK: https://github.com/matrix-org/matrix-ios-sdk/blob/develop/MatrixSDK/Data/Store/MXFileStore/MXFileStore.m#L802

I'd recommend cross-checking in MatrixSDK, if the encryption keys are lost, when the cache is purged. That's also not nice...

tladesignz avatar Mar 04 '19 16:03 tladesignz