Code integrity problem - lots of extra files (mainly tmp folder)

integrity_check
10

#1

Hi,

I'm running ownCloud 10.0.7.2 (but had the error already earlier) and have a lot of files that fail the integrity check. I have a custom theme which I managed to exclude from the integrity check. Most of the remaining files are in the "tmp" folder and seem to be some session files, because they are all named like "tmp/sess_xxx".

I tried to exclude the "tmp" folder from the check by adding this parameter to my config.php:

'excluded_directories' =>
array (
'tmp',
'theme-sottovoce',
),

For the folder with my custom theme this worked. But not for the "tmp" folder. When I use 'integrity.excluded.files' instead of 'excluded_directories' the result is just the same.

Additionally there's a file .ht5wnnfy.appconfig.php in the root folder that is reported as an extra file. I don't know who put this file there. I installed ownCloud using an "easyApps" framework that is provided by my webhoster. Perhaps this framework owns that file.

So how do I get a "clean" integrity check? Here's the complete content of the failure list:

Thanks and best regards,
Oliver


#2

This and your gist looks to me like PHP session files. I don't think that it is a good idea to save those in a public accessible folder/directory and you probably need to research how you can configure your PHP environment to save those at a more secure place.