Hi Bill, all,

See below

On 11/12/2014 08:58 PM, Yannick Devos (XV4Y) wrote:
> Hi Bill,
> 
> I am answering below.
> 
> 73,
> Yan.
> ---
> Yannick DEVOS - XV4Y
> http://www.qscope.org/
> http://xv4y.radioclub.asia/
> 
> On 13 Nov 2014, at 07:37, Bill Somerville <g4...@classdesign.com> wrote:
> 
>> On 12/11/2014 23:51, Yannick DEVOS (XV4Y) wrote:
>>> Hi Bill,
>> Hi Yan,
>>>
>>> I am not a specialist about these questions, but this is my comment.
>>> What you could do on OS X is at first run check if the KVASD is present 
>>> (and updated) and if not download it and install it (with the EULA dialog, 
>>> etc).
>>> The ClamXAV antivirus does this for its internal engine which is developed 
>>> by a different team than the GUI itself.
>> I did consider such a solution for all platforms although it is probable 
>> that the application doesn't have permission to write the KVASD 
>> executable to the required location. The main reason that I didn't take 
>> this route and instead linked the KVASD install to the WSJT-X installer 
>> (more or less directly) is that it isolates the code that requires 
>> elevated permissions to the installer context.
> ClamXAV for instance asks the administrator password, but it might be because 
> the antivirus engine has to work at system level...
>>

>> In general I think it is a potential major security violation for any 
>> application to download executable content from the Internet and such 
>> ability should not be granted to a user level application.

I have to agree with Bill here. Downloading a live binary, that's
capable of running as soon as it lands on the user's system, is not wise
in the eyes of security. MD5 or SHA sums are ok, but only tell you bit
integrity. Maybe creating .tar.gz or .xz file and have the archive
signed by the person uploading them to SVN would provide some
additional trust. You could go as mild or wild as you want to
administer, but a simple public .asc signature would go a long way
toward better trust.

This process is how infrastructure build servers work. I build a
package, sign it, upload it. This will not prevent malicious attacks,
but at least provides the end-user with some level of confidence as to
the origin, particularly when the source code cannot be examined prior
to using the binary.

I plan on using a similar approach for JTSDK, but it never dawned on me
that we could / should employ something similar for kvasd-installers
(KVASD Binaries). There are lots of models for doing this, should not be
too tough to put a simple process together. Gpg is available for most
all systems in one form or another.

I still think downloading the binaries, rather than trying to include
them somehow, on systems that would allow it, is a much smarter play.


> I quite agree with you from a general principle, however many applications 
> like FireFox or Google Chrome do their updates this way.
> I don't tell you to silently do it like Chrome does it, because I find it 
> very annoying.
> However, informing the user, and providing him a way to download the package 
> in one click and install it with just a further drag-&-drop seems responsible 
> to me.
> 
> If I were to do it for a software I wrote, that's the way I would do it, but 
> that does not mean that's the way you have to do it...
>>>
>>> 73,
>>> Yan - XV4Y.
>>> ---
>>> http://www.qscope.org/
>> 73
>> Bill
>> G4WJS.
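
Added example, not part of the original message or of the WSJT-X / JTSDK code: the sign-then-verify flow discussed above (archive plus detached .asc signature), with acceptance tied to a pinned key fingerprint rather than to a checksum published next to the download. The key identity, file names and function names are constructed for illustration; it assumes GnuPG 2.1 or later is installed.

```shell
#!/usr/bin/env bash
# Added example (not project code). Key identity and file names are constructed.

# verify_release ARCHIVE SIG PINNED_FPR HOMEDIR
# Succeeds only if SIG is a valid signature over ARCHIVE made by the key whose
# primary fingerprint equals PINNED_FPR (obtained out of band, not from the
# server that hosts the download).
verify_release() {
    local archive=$1 sig=$2 pinned=$3 home=$4 status fpr
    # --status-fd emits stable machine-readable lines; avoid parsing human text.
    status=$(gpg --homedir "$home" --batch --no-tty --status-fd 1 \
                 --verify "$sig" "$archive" 2>/dev/null) || return 1
    # The last field of a VALIDSIG line is the primary key fingerprint.
    fpr=$(printf '%s\n' "$status" |
          awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $NF; exit }')
    [ -n "$fpr" ] && [ "$fpr" = "$pinned" ]
}

# make_constructed_release HOMEDIR WORKDIR
# Uploader side, with throwaway material: generate a key, build a stand-in
# archive, write a detached armored signature, print the key fingerprint.
make_constructed_release() {
    local home=$1 work=$2
    gpg --homedir "$home" --batch --quiet --pinentry-mode loopback --passphrase '' \
        --quick-generate-key 'Constructed Uploader <uploader@example.invalid>' \
        ed25519 sign never 2>/dev/null || return 1
    printf 'constructed stand-in for a binary archive\n' > "$work/pkg.tar.gz"
    gpg --homedir "$home" --batch --quiet --armor --detach-sign \
        --output "$work/pkg.tar.gz.asc" "$work/pkg.tar.gz" || return 1
    gpg --homedir "$home" --batch --with-colons --list-keys |
        awk -F: '$1 == "fpr" { print $10; exit }'
}

demo() {
    local home work fpr
    home=$(mktemp -d) && work=$(mktemp -d) || return 1
    fpr=$(make_constructed_release "$home" "$work") || return 1
    verify_release "$work/pkg.tar.gz" "$work/pkg.tar.gz.asc" "$fpr" "$home" &&
        echo "untouched archive: accepted"
    echo 'x' >> "$work/pkg.tar.gz"    # simulate modification after signing
    verify_release "$work/pkg.tar.gz" "$work/pkg.tar.gz.asc" "$fpr" "$home" ||
        echo "modified archive: rejected"
    GNUPGHOME=$home gpgconf --kill gpg-agent 2>/dev/null
    rm -rf "$home" "$work"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

In real use the verifying side holds only the uploader's public key, and the pinned fingerprint is shipped with the installer or obtained through a separate channel.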


