Re: Extension security?
- From: Pauli Virtanen <pav iki fi>
- To: gnome-shell-list gnome org
- Subject: Re: Extension security?
- Date: Sat, 17 Dec 2011 02:14:53 +0100
16.12.2011 20:44, Olav Vitters kirjoitti:
On Fri, Dec 16, 2011 at 08:38:03AM -0800, Jonathan Wilkes wrote:
So when someone hacks the extension website and changes the code for
"Popular Extension #1" to log the user's keystrokes, how
does my Gnome Shell know to reject that rogue extension when I try to install it?
If the website is hacked, the GPG signature would still be added.
What does this mean? The client as it is in Gnome 3.2.1 does not seem to
contain any code checking GPG signatures --- so if the site is hacked,
enjoy your keylogger?
--
Pauli Virtanen
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]