uptane / aktualizr

C++ Uptane Client
Mozilla Public License 2.0

Implement proper metadata verification in ManagedSecondary. #35

Closed pattivacek closed 2 years ago

pattivacek commented 2 years ago

FYI @cajun-rat and @mike-sul.

mike-sul commented 2 years ago

LGTM, just have one question. IIRC, we didn't do proper metadata verification for Managed/Virtual Secondaries because they are running/located on the Primary ECU, and the Primary does verify their metadata prior to invoking the putMetadata call. So, as far as I understand, the approach has changed now, so we need to do this additional verification?

pattivacek commented 2 years ago

IIRC, we didn't do proper metadata verification for Managed/Virtual Secondaries because they are running/located on the Primary ECU, and the Primary does verify their metadata prior to invoking the putMetadata call. So, as far as I understand, the approach has changed now, so we need to do this additional verification?

Right. From a security perspective it doesn't really make sense. It's honestly just about testing. This makes it easier to test Secondary verification without having to spin up another application. If you want a managed Secondary that doesn't do that, I think you should still be able to inherit from ManagedSecondary and just skip all the built-in verification functions. You can already use fiu to do that for putRoot with VirtualSecondary, for example.

Thanks for the review!