Skip to content

fix(SecureView): ensure shouldSecure() doesn't attempt to call fopen() on directories #5257

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
joshtrichards wants to merge 3 commits into
base: main
Choose a base branch
from
Open

fix(SecureView): ensure shouldSecure() doesn't attempt to call fopen() on directories #5257

joshtrichards wants to merge 3 commits into from
+40 −7

Conversation

@joshtrichards
Copy link
Member

@joshtrichards joshtrichards commented Jan 6, 2026
edited
Loading

Summary

Improve the shouldSecure() method to reliably determine whether a path is a file or directory -- using both the filecache and storage API -- before attempting to open the path. This prevents unnecessary or erroneous fopen() calls on directories (especially in external storage), ensures filecache metadata is prepared for permission checks, and enhances stability and clarity when applying SecureView restrictions.

Helps with nextcloud/server#57342 (and may even resolve it, though there may be additional things going on there - TBD; this improvement is useful either way).

Related: #5171

TODO

  • ...

Checklist

  • Code is properly formatted
  • Sign-off message is added to all commits
  • Documentation (manuals or wiki) has been updated or is not required

@joshtrichards
fix(SecureView): robustly determine file/directory before forcing fil…
b545b15 
…ecache update in shouldSecure()

 fix(richdocuments): robustly determine file/directory before forcing filecache update in shouldSecure()

Signed-off-by: Josh <josh.t.richards@gmail.com>
@joshtrichards joshtrichards added bug Something isn't working 3. to review Ready to be reviewed labels Jan 6, 2026
@joshtrichards joshtrichards mentioned this pull request Jan 6, 2026
Open
8 tasks
@joshtrichards joshtrichards requested review from blizzz, elzody and juliusknorr and removed request for elzody and juliusknorr January 6, 2026 16:25
@joshtrichards
chore: typo (fixup)
dc91223 
Signed-off-by: Josh <josh.t.richards@gmail.com>
@joshtrichards
chore: fixup for lint
9ad9524 
Signed-off-by: Josh <josh.t.richards@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@blizzz blizzz Awaiting requested review from blizzz

@juliusknorr juliusknorr Awaiting requested review from juliusknorr juliusknorr is a code owner

@elzody elzody Awaiting requested review from elzody elzody is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

3. to review Ready to be reviewed bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Bug]: S3 External Storage with Hetzner is causing errors and is slow

2 participants

@joshtrichards