nordnet / cordova-hot-code-push

[DEPRECATED] - This plugin provides functionality to perform automatic updates of the web based content in your application.
https://github.com/nordnet/cordova-hot-code-push/issues/371
MIT License
979 stars, 467 forks

Security Concerns storing WWW files outside CODE BUNDLE. #358

Closed chiemekailo closed 6 years ago

chiemekailo commented 6 years ago

File Access is possible on devices

I am concerned about keeping the web app (www files) in an external storage/folder other than the main app bundle; would this not compromise app security? And if so, what are the remedies or extra steps one can take to keep our apps secure?

Problem
  1. Can an end user find a way to replace a file in file storage? I am aware that on iOS, an app can use the NSLibraryDirectory in the sandbox, rather than the NSDocumentsDirectory, to fully hide files from the end user. So does this plugin use NSLibraryDirectory for iOS? And how about the Android aspect?
  2. As noted in the first question, if NSLibraryDirectory (and a similar hidden directory on Android) is used, is this more susceptible to brute-force attacks than the app binary itself?

tonyjoanes commented 6 years ago

It certainly sounds like it goes against Android security guidelines, take a look at this article I just found.

https://thehackernews.com/2018/08/man-in-the-disk-android-hack.html

nordnet-deprecation-bot commented 6 years ago

👋 Hi! Thank you for your interest in this repo.

😢 We are not using nordnet/cordova-hot-code-push anymore, and we lack the manpower and the experience needed to maintain it. We are aware of the inconvenience that this may cause you. Feel free to use it as is, or create your own fork.

🔒 This will now be closed & locked.

ℹī¸ Please see #371 for more information.