On 11/17/2016 10:48 AM, Alexander Larsson wrote:
The problem is when the runtime is *not* installed. The untrusted
remote could claim to have an "org.gnome.Platform" runtime, which will
then be installed, and at this point you're affecting another app.
Is it possible to use cryptography here to make this a bit more safe and
easier to use? Instead of just matching "org.gnome.Platform" name, apps
could maybe also require that "org.gnome.Platform" is signed with a
certain key? And then we could do automatic install if we can find a
runtime with matching signature? Also, maybe different
"org.gnome.Platform" runtimes signed with different keys should be
parallel installable?
--
Kalev