server icon indicating copy to clipboard operation
server copied to clipboard
verified publisher icon nextcloud

Code integrity check

Open nickvergessen opened this issue 7 years ago • 2 comments

There are currently multiple problems with the code integrity check, which should be tackled at some point:

  1. Integrity is only checked after an update, but for everything
  2. Integrity of an app is not checked after an update from the appstore
  3. The code of the app is run (updater) before doing the integrity check.
  4. The integrity check is currently synchronous while running the update (maintenance mode on) but takes a lot of time

Things that should change:

  1. Integrity check should be run before the update (of server and app), so we only run signed code (although for the server this is somewhat unrealistic, because you replaced the files before already, so an attack case can not be covered, only a "borked" upload.
  2. Integrity check should be ran for the specific app when updating via the app store
  3. When updating via console the integrity check should be optional, to allow faster deployment across multiple instances when you use a deployment tool (chef, puppet, git, ...).

cc @MorrisJobke @rullzer

nickvergessen avatar May 03 '18 08:05 nickvergessen

how could I deactivate integrity check? At moment I get this error on every nextcloud update and I have to remove apps Manually and install them again. At moment I ignore it but It would be nice if I could somehow get ride of this Infobar.

Mannshoch avatar Jun 28 '18 16:06 Mannshoch

I suppose this issue is still valid? If not, please close this issue!

szaimen avatar May 26 '21 09:05 szaimen