mirror of
https://github.com/token2/snapd.git
synced 2026-03-13 11:15:47 -07:00
a58b5b6640
snap revision fetching and cross-checking should take provenance into account and also verify device scope constraints for revision authority delegation provenance is taken as a hint from the store, but then matching assertions must be found and then provenance is double checked a failure of the latter check is likely a sign of a bug or error as an attacker that can submit or forge/sign a blob could as well do one with the expected provenance provenance goals are tracing and avoiding the risk of polluting the snap-revision namespace this leaves alone the DeriveSideInfo* functions mainly used for asserted local installs, this means they might fail to find a snap-revision sometimes, they will be updated in a different branch.