globaleaks / APAF

Anonymous Python Application Framework

Make downloading of binary packages secure #46

Open hellais opened 11 years ago

hellais commented 11 years ago

Looking at https://github.com/globaleaks/APAF/blob/master/apaf/build.py, it appears that the download uses urllib that does not verify SSL certificates and the function for verifying the signature of the binary always returns true.

I suggest we have the public key fingerprint of the people signing packages hardcoded inside of the source (or in some other part of the software, but we ship with it).

We should also bundle a set of SSL roots that are trustworthy and be sure that proper SSL verification is being done.
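An added illustration of the two fixes proposed above (not code from APAF itself): the download uses an SSL context built from a bundled CA file with hostname checking on, and the signature check accepts a package only if the `VALIDSIG` line from `gpg --status-fd` names a fingerprint in a hardcoded set. The fingerprint value, the `gpg` invocation and the function names are assumptions for this example; APAF's real signing keys are not on this page.

```python
import ssl
import subprocess
import urllib.request

# Constructed placeholder: the real signing-key fingerprints would be shipped with the source.
TRUSTED_FINGERPRINTS = frozenset({
    "0123456789ABCDEF0123456789ABCDEF01234567",
})


def make_ssl_context(cafile):
    """Context that validates the chain against a bundled CA file and checks the hostname."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def download(url, cafile):
    """Fetch url over TLS; a bad chain or hostname raises ssl.SSLError instead of being ignored."""
    with urllib.request.urlopen(url, context=make_ssl_context(cafile)) as resp:
        return resp.read()


def signing_fingerprint(gpg_status, trusted=TRUSTED_FINGERPRINTS):
    """Return the fingerprint of a good signature made by a trusted key, or None.

    Only VALIDSIG (full 40-hex fingerprint) counts; GOODSIG carries a short key id.
    gpg emits VALIDSIG for any cryptographically valid signature, even from a key
    nobody trusts, so matching against the hardcoded set is what makes this a check.
    """
    for line in gpg_status.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "[GNUPG:]" and parts[1] == "VALIDSIG":
            fpr = parts[2].upper()
            if fpr in trusted:
                return fpr
    return None


def verify_signature(package_path, sig_path, trusted=TRUSTED_FINGERPRINTS):
    """Run gpg on a detached signature; accept only if a hardcoded fingerprint signed it."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "1", "--verify", sig_path, package_path],
        capture_output=True, text=True)
    return signing_fingerprint(proc.stdout, trusted) is not None
```

Note that `gpg --verify` exits 0 for a valid signature from any key in the keyring, so the exit code alone would reproduce the "always true" problem; the fingerprint match is the actual gate.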

fpietrosanti commented 11 years ago

Also related to: