What is the potential damage of a compromised CODE server?

Hi,

I’m thinking about installing Collabora CODE on a server whose security I don’t trust 100%. I don’t understand the mechanics behind Nextcloud and Collabora well enough to estimate the potential damage of such a setup. Let’s say an attacker has root acces to the server on which Collabora is installed. What would that mean for the files on the Nextcloud server? Would the attacker be able to gain access to all of them? Or just the ones that are currently edited?

Thanks a lot!

An attacker with root access has access to everything on your server and can control it completely. So the answer is yes, the attacker has access to all your Nextcloud/Collabora documents.

Thanks for you answer! I realize now that I left out an important detail, sorry about that: Nextcloud and CODE would be installed on different servers.

The situation I am worried about is this: Nextcloud is installed on server A. CODE is installed on server B. Server B gets hacked. Can the hacker now gain access to Nextcloud documents/some of them?

I suppose that Nextcloud somehow transfers documents to the CODE server when a users are editing them, and that’s what makes me suspicious.