[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #26212 [Applications/Tor Browser]: Use digital signature verification to prevent modification of omni.ja



#26212: Use digital signature verification to prevent modification of omni.ja
--------------------------------------+--------------------------
 Reporter:  indigotime                |          Owner:  tbb-team
     Type:  enhancement               |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by teor):

 For some operating systems, like macOS, the entire application directory
 is covered by the digital signature on the application (not the downloaded
 dmg file, which has a separate signature). So if any file is modified, the
 application will fail to launch.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26212#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs