Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add checksum checks #1218

Open
tannisroot opened this issue Oct 19, 2018 · 4 comments
Open

Add checksum checks #1218

tannisroot opened this issue Oct 19, 2018 · 4 comments
Labels
feature request
Milestone
0.6.0

Comments

@tannisroot
Copy link
Contributor

As runtime can get corrupted during download due to unstable internet connection or interference from the ISP, it may cause errors for the user.
Lutris should run a checksum check for the runtime packages that it downloads and automatically re-download them if the check fails.
@strycore strycore added this to the 0.5 milestone Oct 20, 2018
@manuelVo
Copy link
Contributor

Maybe it would be a good idea to sign the runtime and check that signature after downloading while we're at it. The way it's built right now if anyone were to break into the servers distributing the runtime they'd be able to distribute malware through the runtime. That could be prevented by signing the runtime.

@LeXofLeviafan
Copy link

automatically redownload

And if the checksum is always wrong?

@Medath Medath mentioned this issue May 10, 2020
Closed
@tannisroot tannisroot changed the title Add checksum check for runtime Add checksum checks Nov 17, 2021
@tannisroot tannisroot modified the milestones: 0.5.x, 0.5.10 Nov 17, 2021
@strycore strycore removed this from the 0.5.10 milestone Jan 23, 2022
@strycore strycore added this to the 0.5.12 milestone Aug 10, 2022
@mYnDstrEAm
Copy link

This is very important for security reasons, as outlined in my issue linked above (closed as duplicate).

People don't even need to break into the servers distributing the runtime, for example it could be the developers themselves distributing them on purpose or unintentionally because some of the software they use for coding & building got infected for example.

Moreover, it would need to check after the download has finished but also afterwards to make sure the launcher is not replaced by some malware version of it. I don't know how this could be best implemented but maybe via regular checks of the hash.

A difficulty is getting the correct hash for the launchers, if possible hashes signed by developers. Eventually the binaries should be reproducible so that they are validated to match the source code.

I think for secure gaming on Linux this issue and #4556 would need to be solved.

@strycore strycore modified the milestones: 0.5.13, 1.0 Feb 9, 2023
@strycore strycore modified the milestones: 1.0, 0.6.0 Jun 1, 2023
@d-damien
Copy link

Given the size of some files, and the human element (you cannot know whether the user will change to a bad internet connection, is in a hurry etc) I believe the error message should offer the choice to the user to retry download or cancel the install. But never allowing to run with a wrong checksum. The user could make their own script if they know what they are doing.

@LeXofLeviafan ISP messing with the content of their clients are a shame, and CDNs well... accidents happen I guess. But it is simply not normal the file differs. The error message could include a very brief explanation about CDNs and ISPs, and invite the user to try from another place.

Given how spread (and proprietary) the video game community is, it is indeed an important element for security.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request
Projects
None yet
Milestone
0.6.0
Development

No branches or pull requests
6 participants
@strycore @manuelVo @mYnDstrEAm @tannisroot @LeXofLeviafan @d-damien