C. Scott Ananian writes:
> I have added a draft manifest specification to the wiki at:
> http://wiki.laptop.org/go/Manifest_Specification
> There is not yet consensus on this specification; it shouldn't be
> viewed as final by any means.

First, regarding the document itself: It appears that you are using some undefined regexp or BNF type of thing, but the reader may guess the syntax wrongly. At times I think you might mean for something to be taken literally, but I can't be fully sure.

Second, regarding the format itself. It seems to not be needed. You're introducing redundant info, which is almost always bad for security. The file archive itself contains the list of files. If you want to keep a list around (you shouldn't), you can make a copy of that list when the bundle is installed.

Hard linking via this mechanism is quite exploitable. For linking within a bundle, the easy answer is to STOP USING ZIP. At least allow a standard Linux archiver (tar, cpio, or pax) as an alternative to that crufty old DOS archiver. Across bundles, you need something other than hard links, and you'll need a real hero if you expect it to work any time soon. Perhaps someday, there will be a flash filesystem driver that supports copy-on-write file blocks as a way to do compression.

For signing and all, doesn't gpg provide a standard way to do this? As far as I can tell, you just need to ship the public keys allowed for future upgrades in the archive and then sign the whole archive.

_______________________________________________
Devel mailing list
http://lists.laptop.org/listinfo/devel
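
An added example, not part of the original message or of the OLPC code: it reads the file list from a tar bundle itself, reports where a separately shipped list disagrees with it, and flags hard-link entries that point outside the bundle. The manifest is assumed to be a plain set of paths (the wiki draft's format is not reproduced here), and the bundle contents and function names are constructed for illustration.

```python
import io
import tarfile


def build_sample_bundle() -> bytes:
    """Constructed sample: a tar bundle with two files and two hard-link entries."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in (("activity/main.py", b"print('hi')\n"),
                           ("activity/icon.svg", b"<svg/>\n")):
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        # One link stays inside the bundle, one names a path outside it.
        for name, target in (("activity/icon-copy.svg", "activity/icon.svg"),
                             ("activity/passwd", "/etc/passwd")):
            link = tarfile.TarInfo(name)
            link.type = tarfile.LNKTYPE
            link.linkname = target
            tar.addfile(link)
    return buf.getvalue()


def audit_bundle(archive: bytes, manifest: set) -> dict:
    """Compare a separately shipped file list with the archive's own listing."""
    with tarfile.open(fileobj=io.BytesIO(archive), mode="r") as tar:
        members = tar.getmembers()
    listed = {m.name for m in members}  # the archive is the authoritative list
    bad_links = sorted(
        m.name for m in members
        if m.islnk() and (m.linkname.startswith("/")
                          or ".." in m.linkname.split("/")
                          or m.linkname not in listed)
    )
    return {
        "only_in_manifest": sorted(manifest - listed),
        "only_in_archive": sorted(listed - manifest),
        "links_outside_bundle": bad_links,
    }


if __name__ == "__main__":
    # Hypothetical manifest that has drifted from the archive contents.
    manifest = {"activity/main.py", "activity/icon.svg", "activity/README"}
    for key, value in audit_bundle(build_sample_bundle(), manifest).items():
        print(key, value)
```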
