Closed
Bug 958747
Opened 10 years ago
Closed 10 years ago
Request deletion from APK Factory if the app is naughty
Categories
(Marketplace Graveyard :: Integration, defect, P4)
Tracking
(Not tracked)
RESOLVED
INVALID
People
(Reporter: andy+bugzilla, Assigned: kumar)
References
Details
(Whiteboard: [apk-factory])
If an app, or a version of an app, has a security hole, we'll need to remove it from the APK Factory cache. Having a signed version of an app that has a known security issue in it would be a no-no. In AMO we remove addons if old versions have been disabled. Likewise something should happen here. Perhaps when a version is deleted or disabled from the marketplace, we can send an API ping to the APK Factory and ask it to delete the affected builds.
Reporter
Updated•10 years ago
Flags: needinfo?(rforbes)
Flags: needinfo?(myk)
Reporter
Comment 1•10 years ago
Ozten rightly pointed out that we aren't really signing it with a Mozilla key, we are signing it on behalf of the developer. This is an important distinction from how signed packaged apps work. Still, the idea of having an app that has a known security flaw on our cache somewhere makes me feel nervous. So not sure.
Comment 2•10 years ago
Indeed, it wouldn't hurt to have a way to purge the cache, although we'll want to ensure that it isn't abused to mount a DoS attack on the factory. I can readily imagine how to do that for Marketplace, but I'm unsure how to do it for marketplaces generally.
Flags: needinfo?(myk)
Updated•10 years ago
Assignee: nobody → kumar.mcmillan
Reporter
Updated•10 years ago
Component: FxA → Integration
Assignee
Comment 3•10 years ago
When we discussed this we said we'd make the APK cache poll manifest URLs every once in a while and expunge the ones that are 404s. When the Marketplace finds a malicious hosted app it will delete it and the URL will be gone. In this approach we would not be policing hosted app URLs. Those wouldn't be installable anyway since the Marketplace won't list them. Marking as a P4 because the install button won't be visible for deleted manifest URLs.
Priority: -- → P4
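The polling approach described in comment 3, as an added example (not APK Factory code and not written by anyone in this thread): one purge pass over a cache of signed builds that expunges entries whose manifest URL returns 404. The cache shape (a dict keyed by manifest URL), the function names, and the choice to retain entries on timeouts and 5xx responses are assumptions.

```python
import urllib.error
import urllib.request
from typing import Callable, Dict, List, Optional


def http_status(url: str, timeout: float = 10.0) -> Optional[int]:
    """Return the HTTP status of a manifest URL, or None if no answer was obtained."""
    if not url.startswith(("http://", "https://")):
        return None                      # never let urllib open file:// or other schemes
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as exc:
        return exc.code                  # urllib reports 4xx/5xx as exceptions
    except (urllib.error.URLError, OSError, ValueError):
        return None                      # DNS failure, timeout, refused, malformed URL


def purge_pass(cache: Dict[str, bytes],
               fetch_status: Callable[[str], Optional[int]] = http_status
               ) -> Dict[str, List[str]]:
    """Expunge cached builds whose manifest URL is a 404; report what happened."""
    report: Dict[str, List[str]] = {"expunged": [], "kept": [], "unknown": []}
    for url in list(cache):              # copy the keys: entries are deleted in the loop
        status = fetch_status(url)
        if status == 404:
            del cache[url]               # manifest is gone, drop the signed build
            report["expunged"].append(url)
        elif status is None or status >= 500:
            # Assumption: an outage is not evidence of deletion, so retry next pass
            report["unknown"].append(url)
        else:
            report["kept"].append(url)
    return report


def demo():
    # Constructed sample data: URLs and statuses are made up for illustration.
    cache = {
        "https://live.example.test/manifest.webapp": b"signed-apk-1",
        "https://deleted.example.test/manifest.webapp": b"signed-apk-2",
        "https://down.example.test/manifest.webapp": b"signed-apk-3",
    }
    statuses = {
        "https://live.example.test/manifest.webapp": 200,
        "https://deleted.example.test/manifest.webapp": 404,
        "https://down.example.test/manifest.webapp": 503,
    }
    return purge_pass(cache, fetch_status=statuses.get), cache
```

Entries reported as "unknown" stay cached until a later pass gets a definite answer, so a build behind a long outage keeps being served in the meantime.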
Reporter
Updated•10 years ago
Reporter
Comment 4•10 years ago
(In reply to Kumar McMillan [:kumar] (needinfo for quickness) from comment #3)
> Marking as a P4 because the install button won't be visible for deleted
> manifest URLs.
Discussed with kumar and if the Marketplace doesn't allow the install, that's fine by me. We can't really stop people using the APK Factory to sign a malicious app, host it for them and stick an "install me" button on the developer's website. We can only really police the Marketplace.
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → INVALID
Updated•10 years ago
Flags: needinfo?(rforbes)