-
-
Notifications
You must be signed in to change notification settings - Fork 682
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add checksum checks #1218
Comments
Maybe it would be a good idea to sign the runtime and check that signature after downloading while we're at it. The way it's built right now if anyone were to break into the servers distributing the runtime they'd be able to distribute malware through the runtime. That could be prevented by signing the runtime. |
And if the checksum is always wrong? |
This is very important for security reasons, as outlined in my issue linked above (closed as duplicate). People don't even need to break into the servers distributing the runtime, for example it could be the developers themselves distributing them on purpose or unintentionally because some of the software they use for coding & building got infected for example. Moreover, it would need to check after the download has finished but also afterwards to make sure the launcher is not replaced by some malware version of it. I don't know how this could be best implemented but maybe via regular checks of the hash. A difficulty is getting the correct hash for the launchers, if possible hashes signed by developers. Eventually the binaries should be reproducible so that they are validated to match the source code. I think for secure gaming on Linux this issue and #4556 would need to be solved. |
Given the size of some files, and the human element (you cannot know whether the user will change to a bad internet connection, is in a hurry etc) I believe the error message should offer the choice to the user to retry download or cancel the install. But never allowing to run with a wrong checksum. The user could make their own script if they know what they are doing. @LeXofLeviafan ISP messing with the content of their clients are a shame, and CDNs well... accidents happen I guess. But it is simply not normal the file differs. The error message could include a very brief explanation about CDNs and ISPs, and invite the user to try from another place. Given how spread (and proprietary) the video game community is, it is indeed an important element for security. |
As runtime can get corrupted during download due to unstable internet connection or interference from the ISP, it may cause errors for the user.
Lutris should run a checksum check for the runtime packages that it downloads and automatically re-download them if the check fails.
The text was updated successfully, but these errors were encountered: