felix-dev mailing list archives

From "Karl Pauls (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-3610) Support runtime verification for signed bundles
Date Wed, 25 Jul 2012 20:56:35 GMT

    [ https://issues.apache.org/jira/browse/FELIX-3610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13422603#comment-13422603 ]

Karl Pauls commented on FELIX-3610:

Regarding the theory, I can see that there are bigger or smaller attack windows depending
on what we do.

However, if you give the framework to an untrusted third party which has full access to the
framework cache, there is no way you can guarantee anything. This is not the only point of attack;
there are tons of others, and I don't even see a way to eliminate them completely no matter
how hard we would try.

If you can trust your cache then our approach is fine. 

I guess it would really help if you could figure out what it is they do exactly. Let's try
to figure out if we can address their concrete problem first.
> Support runtime verification for signed bundles
> -----------------------------------------------
>                 Key: FELIX-3610
>                 URL: https://issues.apache.org/jira/browse/FELIX-3610
>             Project: Felix
>          Issue Type: Improvement
>          Components: Framework, Framework Security
>            Reporter: Guillaume Nodet
>            Assignee: Karl Pauls
>
> Signed bundles are only checked when installed, but the goal of signed bundles is to
> make sure no one has changed the jar. This is not ensured unless bundle entries are verified
> when loaded.
