On Saturday 11 January 2014, Martin Kolman wrote:
> 11.1.2014 13:34, Alejandro Exojo:
> >> QA can check if post script doing some good job and allow it?
> >
> > If the script is simple, yes. If it is not, there is a serious risk that
> > somebody adds a trojan horse to the phone.
> >
> > That would mean that somebody has to define what is a simple script. And
> > that a problem in QA could mean a trojan horse is added to users'
> > phones.
>
> And yet normal Linux distributions like Fedora, Debian, Ubuntu or
> openSUSE manage to check their tens of thousands of packages just fine...

Yes, but the comparison doesn't apply. I have experience with how Debian works,
so I'll use Debian in my comparison.

- People who upload a package to the Debian archive pass a very thorough test,
  and above all, they build themselves a reputation of doing things right by
  doing many things. Application submitters on Harbour do no such things.

- I did package applications in Debian, and submit them to the archive
  (through sponsorship, which means a Debian Developer checked my work in
  detail before the upload), and I can't think why an application would need
  to run a script on installation with full permissions. Those scripts
  normally do things in infrastructure packages.

> BTW, I would be more concerned of closed source binary-only packages
> being submitted to the store, than about scripts you can actually read.
> The blob can on the other hand do anything without QA having any
> reasonable means to check for that.

Definitely, and I'm avoiding proprietary applications as much as I can (not
only on the Jolla). I even try to avoid open source applications that do
stupid things.

But first, applications don't run as root. If you find an application that
does something wrong, at least you can uninstall it. If some security incident
happens in a script run as root, you can't trust the phone anymore.

And second, Sailfish OS of course lacks a security framework for applications.
My bet is that they will wait till the "portals" thingie is implemented by
systemd and related projects, so there is no simple way to fix this problem
with the phone already released. But you can avoid doing more harm by blocking
package scripts.

--
Alex (a.k.a. suy) | GPG ID 0x0B8B0BC2
http://barnacity.net/ | http://disperso.net
_______________________________________________
SailfishOS.org Devel mailing list