← Back to team overview

ubuntu-phone team mailing list archive

Re: Calling for Click signing

 

 What is going to happen to all the existing apps in the store and apps
already installed once signing is enabled?


On Fri, Jun 6, 2014 at 1:18 AM, Martin Albisetti <argentina@xxxxxxxxx>
wrote:

> On Thu, Jun 5, 2014 at 8:17 PM, Ondrej Kubik <ondrej.kubik@xxxxxxxxxxxxx>
> wrote:
> >
> > At the moment only security measure involved while installing click
> package
> > is https connection to click store. Click package itself is not signed.
> > At the same time even RTM image will have enabled side loading.
> >
> > This opens potential risk that installed application can be "upgraded"
> with
> > trojan version which can steal application's private data. In this case
> > attacker breaks into app's confinement.
> >
> > Worse case would be upgrade of unconfined application with trojan
> version,
> > which would gain full access to protected apis, for example telephony,
> > allowing attacker to send premium SMS without user even realising.
> >
> > If we sign click package, and click installer checks signature against
> > installed version this would significantly improve security.
>
> Yes, we have a plan for it:
>
> https://blueprints.launchpad.net/ubuntu/+spec/foundations-1305-click-package
>
>
> --
> Martin
>

Follow ups

References