[SailfishDevel] Scriptlets in RPM hot allowed to Harbour

Alejandro Exojo suy at badopi.org
Sat Jan 11 13:14:56 UTC 2014 

El Saturday 11 January 2014, Martin Kolman escribió:
> 11.1.2014 13:34, Alejandro Exojo:
> >> QA can check if post script doing some good job and allow it?
> > 
> > If the script is simple, yes. If it is not, there is a serious risk that
> > somebody adds a trojan horse to the phone.
> > 
> > That would mean that somebody has to define what is a simple script. And
> > that a problem in QA could mean a trojan horse is added to users'
> > phones.
> 
> And yet normal Linux distributions like Fedora, Debian, Ubuntu or
> openSUSE manage to check their tens of thousands of packages just fine...

Yes, but the comparison doesn't apply. I have experience with how Debian 
works, so I'll use Debian in my comparison.

- People who upload a package to the Debian archive pass a very through test, 
and above all, the build themselves a reputation of doing things right by 
doing many things. Application submitters on Harbour do no such things.

- I did package applications in Debian, and submit them to the archive 
(through sponsorship, which means a Debian Developer checked my work with 
detail before the upload), and I can't think, why an application would need to 
run a script on installation with full permissions. Those scripts normally do 
things in infrastructure packages.
 
> BTW, I would be more concerned of closed source binary-only packages
> being submitted to the store, than about scripts you can actually read.
> The blob can on the other hand do anything without QA having any
> reasonable means to check for that.

Definetely, and I'm avoiding proprietary applications as much as I can (not 
only on the Jolla). I even try to avoid open source applications that do 
stupid things.

But first, applications don't run as root. If you find an application that does 
something wrong, at least you can uninstall it. If some security incident 
happens in a script run as root, you can't trust the phone anymore.

And second, Sailfish OS of course lacks a security framework for applications. 
My bet is that they will wait till the "portals" thingie is implemented by 
systemd and related projects, so there is no simple way to fix this problem 
with the phone already released. But you can avoid doing more harm by blocking 
package scripts.

-- 
Alex (a.k.a. suy) | GPG ID 0x0B8B0BC2
http://barnacity.net/ | http://disperso.net

More information about the Devel mailing list