You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Andie Similon (Issue Comment Edited) (JIRA)" <ji...@apache.org> on 2011/10/06 08:46:30 UTC
[jira] [Issue Comment Edited] (FELIX-3147) Check whether bundle jar
is signed
[ https://issues.apache.org/jira/browse/FELIX-3147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13121767#comment-13121767 ]
Andie Similon edited comment on FELIX-3147 at 10/6/11 6:46 AM:
---------------------------------------------------------------
You are right that nothing in the OSGi spec indicates that it should be done. I noticed knopflerfish still does it at this point of time. The reason I asked this is because it is a requirement of the home gateway initiative and I was wondering if it was left out for a reason.
was (Author: slimmy):
Nothing in the spec indicates that it should be done. I noticed knopflerfish still does it at this point of time. The reason I asked this is because it is a requirement of the home gateway initiative and I was wondering if it was left out for a reason.
> Check whether bundle jar is signed
> ----------------------------------
>
> Key: FELIX-3147
> URL: https://issues.apache.org/jira/browse/FELIX-3147
> Project: Felix
> Issue Type: Improvement
> Components: Framework
> Affects Versions: framework-3.0.9
> Reporter: Andie Similon
> Priority: Minor
>
> I am not sure but it seems to be that when loading a bundle it will not verify the signature of the bundle. I can self sign a bundle and then change its contents and the framework will not throw a SecurityException. Is this intended?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira