[Owncloud] App breaks ownCloud

Frank Karlitschek frank at owncloud.org
Tue Apr 10 14:00:23 UTC 2012 

A agree.

Apps should be sandboxed as much as possible. Unfortunately the option we have in PHP are relatively limited.
But we should do what we can.

Frank


On 10.04.2012, at 15:58, Georg Ehrke <ownclouddev at georgswebsite.de> wrote:

> Hi,
> 
> in my opinion we should think anyhow about a kind of sandboxing for apps.
> 
> Cheers, 
> Georg
> 
> Am 10.04.2012 um 09:12 schrieb Michiel de Jong:
> 
>> this would be solved if we had regression tests. then there would be a
>> test saying 'deploy should work even if the doc root is not writable',
>> and nobody would be able to break anybody else's code, whether part of
>> an app or part of core.
>> 
>> i'll fix this bug and also add that regression test, but then someone
>> needs to run these regression tests on the master branch. has a
>> decision been taken about that on Saturday?
>> 
>> On Tue, Apr 10, 2012 at 2:29 PM, Klaas Freitag <freitag at owncloud.com> wrote:
>>> Hi,
>>> 
>>> user_webfinger install.php breaks head for me if I start a fresh setup:
>>> 
>>> [Tue Apr 10 14:22:42 2012] [error] [client ::1] PHP Warning:
>>> fopen(/srv/www/htdocs/.well-known/host-meta): failed to open stream: No such
>>> file or directory in
>>> /home/kf/oC/owncloud/apps/user_webfinger/appinfo/install.php on line 35,
>>> referer: http://localhost/oc/
>>> 
>>> In my setup, the webserver doc root is not writeable (for whatever reason).
>>> 
>>> But what bothers me more is that an app can stop the whole ownCloud from
>>> being functional. The first question is why is the install of user_webfinger
>>> performed at all? Is it default? If yes, ok :-) If not, the install.php
>>> should'nt run on a fresh setup, right?
>>> 
>>> The other, more interesting thing is: Can we somehow jail apps (at least non
>>> default ones) and avoid that the whole ownCloud is stopped from being
>>> functional. In perl, you would put an eval{ } statement around the script,
>>> do we have that for php also?
>>> 
>>> Thanks,
>>> 
>>> Klaas
>>> 
>>> _______________________________________________
>>> Owncloud mailing list
>>> Owncloud at kde.org
>>> https://mail.kde.org/mailman/listinfo/owncloud
>> _______________________________________________
>> Owncloud mailing list
>> Owncloud at kde.org
>> https://mail.kde.org/mailman/listinfo/owncloud
> 
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud

More information about the Owncloud mailing list