search

Lanchon / sigspoof-checker

Signature Spoofing Checker
GNU General Public License v3.0
76 stars 10 forks source link

Wrong detection #2

Closed walrus543 closed 7 years ago

walrus543 commented 7 years ago

Hi,

I'm running Android 7.1.2 (custom ROM based on Lineage OS which has the built-in signature spoofing patch). All features are checked in microG settings app > self-check.

Lanchon commented 7 years ago

detection works, AFAIK. i even publish a rom patcher to implement sigspoof (see lanchon haystack).

your rom could have sigspoof capability only for microG (tied to microG's public certificate). this has been proposed in projects such as CyanogenMod, and it is insulting and contrary to free software principles in that you are forbidden to build, hack, or contribute to (you cannot test your contributions) the microG Project.

alternatively, some other mechanism might be denying sigspoof to this app. have you check app permissions for this app in the OS settings? some Android builds require that you grant sigspoof permission explicitly to apps.

ale5000-git commented 7 years ago

@Primokorn: Maybe you have to enable signature spoofing permission for this app (separate from the one for microG).

walrus543 commented 7 years ago

You are right. I didn't grant the permission. The check passes now.

ale5000-git commented 7 years ago

@Lanchon: Maybe should be added to the readme this information about granting the app specific permission on some ROM.

Lanchon commented 7 years ago

thank you both!

this is sort of a bug. the app should request the permission, not just use it. this is why @Primokorn got into trouble in the first place.

Lanchon commented 7 years ago

see #3.