Hi,
Every time I want to add a new POL script, I have to read the source code (for security reasons).
Why? Because someone can MITM me or compromise the file server and replace a binary with a backdoored one.
So please, could you plan to introduce the following security feature:
- Add signing of the content of all files (signed scripts + signed software binaries) downloaded from the POL website and/or use HTTPS on your file server (IIRC: files.playonlinux.com).
Here is one way to introduce the signing feature:
- Each contributor having access to the file server generates a pub/priv key pair.
- Add the main pubkeys to the default PlayOnLinux install
- Provide a file in each install of POL programs (either separate or included at the end of the POL script)
- Add a pubkey viewer inside the software to list the referenced pubkeys (which can be stored in a directory), and offer the possibility to add/remove any pubkeys from the window. This can be a simple "List" widget with add/remove buttons.
- Each time POL launches a script to install a game, it will check the signature of the files. If files are not downloaded from the POL website, it will enumerate them.
What do you think?
Thank you guys for your time and consideration. And really, you are doing great work on this project.
S
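
The check proposed in the post above (a detached signature verified against a directory of trusted public keys before a script runs, with unverified files enumerated), sketched as an added example that is not part of the original post and is not PlayOnLinux code. The function names, the `*.pem` key directory, the `<file>.sig` naming and the use of `openssl` with throwaway P-256 keys are assumptions made for illustration.

```bash
# Added illustration, not PlayOnLinux code; names and file layout are assumptions.

# verify_script FILE SIG KEYDIR
# Prints the trusted key file that signed FILE and returns 0; returns 1 if no
# key in KEYDIR verifies the detached signature, 2 if an input is missing.
verify_script() {
    [ -f "$1" ] && [ -f "$2" ] && [ -d "$3" ] || return 2
    for key in "$3"/*.pem; do
        [ -f "$key" ] || continue
        # Compare the output text: very old openssl builds exit 0 on failure.
        out=$(openssl dgst -sha256 -verify "$key" -signature "$2" "$1" 2>/dev/null) || true
        if [ "$out" = "Verified OK" ]; then
            basename "$key"
            return 0
        fi
    done
    return 1   # nothing trusted signed this file: the caller must not run it
}

# list_unverified DIR KEYDIR
# Enumerates files in DIR that lack a valid signature from a trusted key.
list_unverified() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case "$f" in *.sig) continue ;; esac
        verify_script "$f" "$f.sig" "$2" >/dev/null || basename "$f"
    done
}

# make_demo DIR: constructed sample data (throwaway keys, toy scripts).
make_demo() {
    mkdir -p "$1/trusted" "$1/scripts"
    for who in alice mallory; do
        openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 \
            -out "$1/$who.key" 2>/dev/null
    done
    openssl pkey -in "$1/alice.key" -pubout -out "$1/trusted/alice.pem"  # only alice is trusted
    for s in good tampered foreign unsigned; do
        printf '#!/bin/bash\necho "install %s"\n' "$s" > "$1/scripts/$s.sh"
    done
    openssl dgst -sha256 -sign "$1/alice.key" -out "$1/scripts/good.sh.sig" "$1/scripts/good.sh"
    openssl dgst -sha256 -sign "$1/alice.key" -out "$1/scripts/tampered.sh.sig" "$1/scripts/tampered.sh"
    echo 'echo "backdoor"' >> "$1/scripts/tampered.sh"   # modified after signing
    openssl dgst -sha256 -sign "$1/mallory.key" -out "$1/scripts/foreign.sh.sig" "$1/scripts/foreign.sh"
}

demo=$(mktemp -d) && make_demo "$demo"
verify_script "$demo/scripts/good.sh" "$demo/scripts/good.sh.sig" "$demo/trusted"
list_unverified "$demo/scripts" "$demo/trusted"
```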