[
https://issues.apache.org/jira/browse/FELIX-3610?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13422603#comment-13422603
]
Karl Pauls commented on FELIX-3610:
-----------------------------------
Regarding the theory, I can see that there are bigger or smaller attack windows
depending on what we do.
However, if you give the framework to an untrusted third party which has full
access to the framework cache there is no way you can guarantee anything. This
is not the only point of attack, there are tons of others and I don't even see
a way to eliminate them completely no matter how hard we would try.
If you can trust your cache then our approach is fine.
I guess it would really help if you could figure out what it is they do
exactly. Let's try to figure out if we can address their concrete problem first.
> Support runtime verification for signed bundles
> -----------------------------------------------
>
> Key: FELIX-3610
> URL: https://issues.apache.org/jira/browse/FELIX-3610
> Project: Felix
> Issue Type: Improvement
> Components: Framework, Framework Security
> Reporter: Guillaume Nodet
> Assignee: Karl Pauls
>
> Signed bundles are only checked when installed, but the goal of signed
> bundles is to make sure no one has changed the jar. This is not ensured
> unless bundle entries are verified when loaded.
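The load-time check requested in the issue description, sketched as an added example (not code from Felix or from this thread). The class and method names are hypothetical, and it assumes Java 9+ and a caller-supplied set of trusted signer certificates.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.cert.Certificate;
import java.util.Set;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

// Added illustration; class and method names are hypothetical, not Felix APIs.
public final class LoadTimeVerifier {

    /**
     * Reads one entry from a bundle jar and returns its bytes only if the
     * entry's digest matches the signature files and one certificate in its
     * signer chains is in trustedSigners.
     */
    public static byte[] readVerified(File bundleJar, String entryName,
                                      Set<Certificate> trustedSigners) throws IOException {
        // verify=true makes JarFile check entry digests against META-INF/*.SF.
        try (JarFile jar = new JarFile(bundleJar, true)) {
            JarEntry entry = jar.getJarEntry(entryName);
            if (entry == null) {
                throw new IOException("No such entry: " + entryName);
            }
            byte[] data;
            try (InputStream in = jar.getInputStream(entry)) {
                // Digest verification completes only once the stream is read to
                // the end; a modified entry raises SecurityException here.
                data = in.readAllBytes();
            }
            // Signer information is available only after the full read. It is
            // null for unsigned entries, e.g. when signature files were stripped.
            Certificate[] certs = entry.getCertificates();
            if (certs == null) {
                throw new SecurityException("Unsigned entry: " + entryName);
            }
            for (Certificate cert : certs) {
                if (trustedSigners.contains(cert)) {
                    return data;
                }
            }
            throw new SecurityException("No trusted signer for: " + entryName);
        }
    }
}
```

The check is only as strong as the source of trustedSigners: if that set is loaded from the same cache as the bundle, the trust assumption raised in the comment above still applies.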