Signing script variable and pubkey management

Author Replies
sam666 Monday 1 September 2014 at 4:58

Hi,

Every time I want to add a new POL script, I have to read the source code (for security reasons).

Why? Because someone can MITM me or compromise the file server and replace the binary with a backdoored one.

So please, could you plan to introduce the following security feature:

- Add the signing content of all files (signed scripts + signed software binary) downloaded from POL website and/or use https on your file server (iirc: files.playonlinux.com).

Here is one of the ways to introduce the signing feature:

- Each contributor having access to the files server generates a pub/priv pair.

- Add main pubkeys in default playonlinux install

- Provide a file in each install of POL programs (as separated or included in the end of POL script)

- Add a pub key viewer inside the software to list referenced pubkeys (that can be stored in a directory), and offer the possibility to add/remove any pub keys from the window. This can be a simple "List" widget with add/remove buttons.

- Each time POL launches a script to install a game, it will check the signature of files. If files are not downloaded from POL website, it will enumerate them.

What do you think?

Thank you guys for your time and consideration. And really, you are doing great work on this project.

S

sam666 Monday 1 September 2014 at 5:00

- Provide a file in each install of POL programs (as separated or included in the end of POL script)

I mean "provide a file containing all signed values to be checked by POL with the pubkey stored"

Quentin PÂRIS Monday 1 September 2014 at 11:02

This is actually the current mechanism. If POL gives the source code of a script before running it, it means that the signature check failed.
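
The check discussed in this thread (verify a script's signature against a directory of trusted public keys, and fall back to showing the source when verification fails) can be sketched as follows. This is an added example, not PlayOnLinux code: it assumes openssl(1) with RSA/SHA-256 detached signatures, and the function names, file names and key directory layout are hypothetical.

```shell
#!/bin/sh
# Added example, not PlayOnLinux code. Assumes openssl(1) and detached
# RSA/SHA-256 signatures; names and directory layout are hypothetical.

# verify_script SCRIPT SIG KEYDIR
# Succeeds if SIG is a valid signature over SCRIPT by any *.pem key in KEYDIR.
verify_script() {
    script=$1 sig=$2 keydir=$3
    for pub in "$keydir"/*.pem; do
        [ -f "$pub" ] || continue          # empty directory: glob stays literal
        if openssl dgst -sha256 -verify "$pub" -signature "$sig" "$script" \
               >/dev/null 2>&1; then
            return 0
        fi
    done
    return 1
}

# decide SCRIPT SIG KEYDIR
# Prints "run" when the signature verifies, otherwise "review" (the case in
# which the user is shown the source before anything executes).
decide() {
    if [ -f "$2" ] && verify_script "$1" "$2" "$3"; then
        echo run
    else
        echo review
    fi
}

# demo: constructed data only. Creates a throwaway contributor key, signs a
# sample script, then checks trusted, unknown-key and tampered cases.
demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/trusted" "$d/empty"
    openssl genrsa -out "$d/contrib.key" 2048 2>/dev/null
    openssl rsa -in "$d/contrib.key" -pubout -out "$d/trusted/contrib.pem" 2>/dev/null
    printf '#!/bin/sh\necho "installing sample game"\n' > "$d/install.sh"
    openssl dgst -sha256 -sign "$d/contrib.key" -out "$d/install.sh.sig" "$d/install.sh"
    r1=$(decide "$d/install.sh" "$d/install.sh.sig" "$d/trusted")   # key is trusted
    r2=$(decide "$d/install.sh" "$d/install.sh.sig" "$d/empty")     # signer not trusted
    echo 'echo "extra line"' >> "$d/install.sh"                     # modified after signing
    r3=$(decide "$d/install.sh" "$d/install.sh.sig" "$d/trusted")
    rm -rf "$d"
    echo "$r1 $r2 $r3"
}

demo   # prints: run review review
```

Removing a key file from the trusted directory is enough to revoke that contributor, which is what the proposed add/remove key list would manage.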