On Tuesday 09 Jun 2009 14:20:09 David Anderson wrote:
> It would be possible to use code signing
> (WU files can have signatures, just like app version files).
> But this would defeat the ease-of-use goal.
> It's the same situation with single job submission.
> At least, in both cases, the time window of vulnerability is limited.

Input files can have signatures, and if the signature is there, it's checked. If an input file has an invalid signature (doesn't match public key), the file is rejected.

But what can a project admin do to enforce there has to be a valid signature on a certain file? If a project sends its Python scripts signed, what would stop a hacker from simply sending a workunit that doesn't have a signature at all in the Python script?

I think this is relevant to any project where the input file format is "powerful enough" to cause harm if it's maliciously created.
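
The gap raised in this message, as an added example that is not part of the original post and is not BOINC's code: a check that runs only when a signature is present accepts a file whose signature was simply left off, while a policy naming the file types that must be signed rejects it. The toy RSA key, the function names and the `must_be_signed` parameter are assumptions made for illustration.

```python
import hashlib

# Toy RSA key built from two known Mersenne primes (constructed for this
# example; far too small for real use, and not BOINC's actual scheme).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the project


def _digest(data: bytes) -> int:
    # Hash reduced modulo N so it fits the toy key.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def sign(data: bytes) -> int:
    return pow(_digest(data), D, N)


def signature_ok(data: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest(data)


def accept_if_present(data, sig):
    """Behaviour described in the message: verify only when a signature exists."""
    if sig is None:
        return True  # an unsigned file is never checked at all
    return signature_ok(data, sig)


def accept_required(data, sig, name, must_be_signed=(".py",)):
    """Fail closed: file types in must_be_signed need a valid signature."""
    if sig is None:
        return not name.endswith(tuple(must_be_signed))
    return signature_ok(data, sig)


# Constructed sample inputs (hypothetical file contents).
GOOD = b"print('analysis step')\n"
FORGED = b"print('not from the project')\n"
GOOD_SIG = sign(GOOD)

if __name__ == "__main__":
    print("if-present, forged + old sig :", accept_if_present(FORGED, GOOD_SIG))
    print("if-present, forged + no sig  :", accept_if_present(FORGED, None))
    print("required,   forged + no sig  :", accept_required(FORGED, None, "job.py"))
    print("required,   good   + good sig:", accept_required(GOOD, GOOD_SIG, "job.py"))
```

The policy of which files must be signed has to come from somewhere the sender of the workunit cannot alter, otherwise the requirement can be dropped along with the signature.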
