owncloud / core

:cloud: ownCloud web server core (Files, DAV, etc.)
https://owncloud.com
GNU Affero General Public License v3.0

Enabling encryption while users are logged in destroys files #39663

Closed jnweiger closed 2 years ago

jnweiger commented 2 years ago

Seen in 10.9.1RC1 (with encryption 1.5.1 initially disabled)

occ app:enable encryption
occ encryption:enable
occ encryption:select-encryption-type masterkey -y


The file already got truncated to 0 size:

# ll /var/www/owncloud/data/admin/files/Photos/shared.txt
-rw-r--r-- 1 www-data www-data 0 Jan  7 21:21 /var/www/owncloud/data/admin/files/Photos/shared.txt

After logout, login, the file is still in a broken state:

image

A total of 11 corrupt versions are saved. The 12th one can be restored and actually has the latest content. Phew.

jnweiger commented 2 years ago

Expected behaviour: The encryption machinery does not get confused when keys are not initialized. To be safe, enabling encryption should log out all users immediately.

jnweiger commented 2 years ago

On a fresh machine, https://oc1091rc1-wopi-151-20220110.jw-qa.owncloud.works, enabling encryption via the admin UI runs into different errors:

image

jnweiger commented 2 years ago

I believe the original issue is also related to confusion between user key encryption and master key encryption. Most likely I had mixed using the admin-UI and using the command line.

IljaN commented 2 years ago

Do you have an owncloud.log for this?

AlexAndBear commented 2 years ago

Outcome from developers: Tried to reproduce it 5 times, issue didn't pop up

jnweiger commented 2 years ago

> Do you have an owncloud.log for this?

Yes, attached. You can log into root@oc1091rc1-wopi-151-20220110.jw-qa.owncloud.works and look around yourself. I'll leave that machine alone for now.

39663-owncloud.log.zip

jnweiger commented 2 years ago

> Outcome from developers: Tried to reproduce it 5 times, issue didn't pop up

Confirmed. The issue does not appear when strictly following the steps in my initial post. Feel free to close here as invalid and follow up in #39671