16.12.2011 20:44, Olav Vitters kirjoitti:
On Fri, Dec 16, 2011 at 08:38:03AM -0800, Jonathan Wilkes wrote:
So when someone hacks the extension website and changes the code for
"Popular Extension #1" to log the user's keystrokes, how
does my Gnome Shell know to reject that rogue extension when I try to install
it?
If the website is hacked, the GPG signature would still be added.
What does this mean? The client as it is in Gnome 3.2.1 does not seem to
contain any code checking GPG signatures --- so if the site is hacked,
enjoy your keylogger?
--
Pauli Virtanen
_______________________________________________
gnome-shell-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/gnome-shell-list
