Bruno Wolff III wrote: > Uncompressing hostile data is generally not a good thing to be doing. > From that aspect it makes more sense to sign the compressed payload.
I was thinking that since the signature check usually passes, the data could be uncompressed into a cache, checked there, then copied into place (assuming the check passes). If the data is capable of escaping from that sandbox before being checked, that's a serious security bug in the compression software that should be fixed in any case. (Sorry for not responding in-thread. Gmane isn't updating its list of existing threads.)
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
