[ https://issues.apache.org/jira/browse/FELIX-3610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13422598#comment-13422598 ]

Guillaume Nodet commented on FELIX-3610:
----------------------------------------

Bundle permissions are not really the concern here.

I think there are two problems here:
  * the fact that bundles are not checked when the framework restarts (the 
security provider is registered too late), so they should, but they're not
  * the fact that after a bundle has been verified successfully, it can be 
tampered with in the cache before resources are actually loaded (especially while in 
the installed state, before being resolved)

In terms of security and performance, I still think that checking the 
signatures lazily at runtime when resources are loaded instead of at 
installation time would be better imho.
                
> Support runtime verification for signed bundles
> -----------------------------------------------
>
>                 Key: FELIX-3610
>                 URL: https://issues.apache.org/jira/browse/FELIX-3610
>             Project: Felix
>          Issue Type: Improvement
>          Components: Framework, Framework Security
>            Reporter: Guillaume Nodet
>            Assignee: Karl Pauls
>
> Signed bundles are only checked when installed, but the goal of signed 
> bundles is to make sure no one has changed the jar. This is not ensured 
> unless bundle entries are verified when loaded.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
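
The second problem named in the comment above (a cached bundle modified after its install-time check has passed), as an added example that is not part of the original message and is not Felix code. It is a simplified Python model: an HMAC with a constructed key stands in for the JAR signature, and every function name is hypothetical.

```python
import hashlib, hmac, json, tempfile
from pathlib import Path

TRUST_KEY = b"constructed-demo-key"  # assumption: stands in for the trusted signer key

class TamperedEntry(Exception): pass

def _mac(digests):
    body = json.dumps(digests, sort_keys=True).encode()
    return hmac.new(TRUST_KEY, body, "sha256").hexdigest()

def sign_manifest(entries):  # signer side: per-entry digests plus a MAC over them
    digests = {n: hashlib.sha256(d).hexdigest() for n, d in entries.items()}
    return {"digests": digests, "mac": _mac(digests)}

def verify_entry(manifest, name, data):  # raises unless manifest and bytes both check out
    if not hmac.compare_digest(_mac(manifest["digests"]), manifest["mac"]):
        raise TamperedEntry("manifest MAC mismatch")
    want = manifest["digests"].get(name, "")
    if not hmac.compare_digest(want, hashlib.sha256(data).hexdigest()):
        raise TamperedEntry(f"digest mismatch for {name}")

def install(cache, entries, manifest):  # install-time check, then copy into the cache
    for name, data in entries.items():
        verify_entry(manifest, name, data)
        Path(cache, name).write_bytes(data)
    Path(cache, "MANIFEST.json").write_text(json.dumps(manifest))

def load_unchecked(cache, name):  # install-time-only model: trust the cache as it is now
    return Path(cache, name).read_bytes()

def load_lazy(cache, name):  # load-time model: verify the bytes actually read, every time
    manifest = json.loads(Path(cache, "MANIFEST.json").read_text())
    data = load_unchecked(cache, name)
    verify_entry(manifest, name, data)
    return data

def demo():
    entries = {"Activator.class": b"original bytes (constructed)"}
    with tempfile.TemporaryDirectory() as cache:
        install(cache, entries, sign_manifest(entries))
        # The cached copy changes after the install-time check has already passed.
        Path(cache, "Activator.class").write_bytes(b"modified bytes (constructed)")
        try:
            load_lazy(cache, "Activator.class")
            lazy = "loaded"
        except TamperedEntry:
            lazy = "rejected"
        return load_unchecked(cache, "Activator.class"), lazy
```

Because `load_lazy` keeps no in-memory state from installation, the same check also runs after a restart of the process that owns the cache.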
