felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Guillaume Nodet <gno...@gmail.com>
Subject Re: Felix security and signed jars
Date Thu, 22 Mar 2012 15:17:15 GMT
THat's my point, it only happen at install time, which means it's not
really secured.  I think it has to be done each time a class or resource is
loaded else, anyone can change the jar file in the cache folder after it
has been installed and no verification is done.
I think that's not really good, as the purpose of the security bits it to
be ... secured, and if people are willing to pay the cost of the security
manager, it has to be 100% secured imho.

On Thu, Mar 22, 2012 at 13:50, Karl Pauls <karlpauls@gmail.com> wrote:

> The verfication is done in the security provider (only happens if
> installed).
>
> regards,
>
> Karl
>
> On Thu, Mar 22, 2012 at 1:24 PM, Guillaume Nodet <gnodet@gmail.com> wrote:
> > I'm trying to understand how Felix verify the classes signatures but I
> > don't see anything around that.
> > It seems to me that in a non OSGi environment, the classes will be
> verified
> > by the class loader when loaded from a jar mainly because the
> > java.util.jar.JarFile does the signature verification when loading an
> entry
> > (i.e. a class) from the jar file.  However, Felix does not use the
> JarFile
> > class and uses a custom ZipFile instead.
> > So it looks like the whole signed jars mechanism does not really work.
> > Am I right, or do I miss something here ?
> >
> > --
> > ------------------------
> > Guillaume Nodet
> > ------------------------
> > Blog: http://gnodet.blogspot.com/
> > ------------------------
> > FuseSource, Integration everywhere
> > http://fusesource.com
>
>
>
> --
> Karl Pauls
> karlpauls@gmail.com
> http://twitter.com/karlpauls
> http://www.linkedin.com/in/karlpauls
> https://profiles.google.com/karlpauls
>



-- 
------------------------
Guillaume Nodet
------------------------
Blog: http://gnodet.blogspot.com/
------------------------
FuseSource, Integration everywhere
http://fusesource.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message