ubuntu-phone team mailing list archive

Re: Click packages and source code

 

On Tuesday 13 August 2013 10:01:58 Sergio Schvezov wrote:
> On Tue, Aug 13, 2013 at 9:33 AM, Michael Zanetti <michael.zanetti@xxxxxxxxxxxxx> wrote:
> > Hi,
> > 
> > I've just been watching this demo [1] on how to publish click packages. Looks
> > very promising! However, one question that comes up here is at the uploading
> > step (3:13 in the video):
> > 
> > The website allows uploading a binary package and a source package. However, I
> > can't see any connection between those two. How can I be sure that the binary
> > click package indeed contains an unmodified version of the uploaded source
> > package? From what I can see here I could easily publish some source code and
> > then build a malicious package containing some additional bad code.
> 
> You will be confined by apparmor here and very limited in the bad things
> you can do.

I don't agree here. I'm not entirely sure how AppArmor works, but I assume it
would block access to, for instance, my address book. If I still want to use
that app there must be some place where I can grant permissions to an app to
access my address book. This is where I would like to know what the package
actually does with my address book and where I would need to rely on the fact
that the binary package is indeed an *unpatched* version of the uploaded
source package.
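The check the thread is asking for, as an added illustration rather than anything from the click project or the store: hash every file in the uploaded source tree, hash every file in the package payload (a click package is an ar archive whose data.tar.gz carries the installed files, so the payload is treated as a data.tar.gz here), and report files that were added, modified or dropped between the two. The sample source tree and the injected `app/extra.js` are constructed for the demo.

```python
import hashlib
import io
import tarfile
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple

def digest_tree(root: Path) -> Dict[str, str]:
    """sha256 of every regular file under root, keyed by relative POSIX path."""
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def digest_payload(data_tar_gz: bytes) -> Dict[str, str]:
    """sha256 of every regular file inside a data.tar.gz payload, keyed by path."""
    out = {}
    with tarfile.open(fileobj=io.BytesIO(data_tar_gz), mode="r:gz") as tar:
        for m in tar.getmembers():
            if m.isfile():
                name = m.name[2:] if m.name.startswith("./") else m.name
                out[name] = hashlib.sha256(tar.extractfile(m).read()).hexdigest()
    return out

def compare(source: Dict[str, str], payload: Dict[str, str]) -> Tuple[List[str], List[str], List[str]]:
    """Return (added, modified, missing): paths in the payload but not the source,
    paths whose content differs, and source paths absent from the payload."""
    added = sorted(set(payload) - set(source))
    missing = sorted(set(source) - set(payload))
    modified = sorted(p for p in source if p in payload and source[p] != payload[p])
    return added, modified, missing

def build_payload(root: Path, extra: Dict[str, bytes] = None) -> bytes:
    """Constructed stand-in for a build: pack root as data.tar.gz, optionally
    injecting extra files that never appeared in the source."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for p in sorted(root.rglob("*")):
            if p.is_file():
                tar.add(p, arcname=p.relative_to(root).as_posix())
        for name, data in (extra or {}).items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def demo() -> Tuple[List[str], List[str], List[str]]:
    """Constructed sample: a two-file source tree and a payload with one extra file."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "src"
        (src / "app").mkdir(parents=True)
        (src / "manifest.json").write_text('{"name": "com.example.hello"}')
        (src / "app" / "main.qml").write_text("import QtQuick 2.0\nItem {}\n")
        tampered = build_payload(src, {"app/extra.js": b"// not in the source\n"})
        return compare(digest_tree(src), digest_payload(tampered))
```

A non-empty `added` or `modified` list is exactly the "additional bad code" case the thread worries about; a store-side build from the uploaded source, compared this way against the uploaded binary, is what ties the two artifacts together.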
