Re: Extension security?

16.12.2011 20:44, Olav Vitters kirjoitti:
On Fri, Dec 16, 2011 at 08:38:03AM -0800, Jonathan Wilkes wrote:
So when someone hacks the extension website and changes the code for
"Popular Extension #1" to log the user's keystrokes, how

does my Gnome Shell know to reject that rogue extension when I try to install it?

If the website is hacked, the GPG signature would still be added.

What does this mean? The client as it is in Gnome 3.2.1 does not seem to contain any code checking GPG signatures --- so if the site is hacked, enjoy your keylogger?

Pauli Virtanen

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]