Applications (e.g. Firefox) often include a root ca bundle file containing trusted certificates.
How can I protect those files from malicious agents trying to modify them? I think signing is not an option because they could also replace the public key used for verification.
Is access control the only protection against fraudulent certificate injection in Firefox and similar applications, or is there some other mechanism in place?
Aucun commentaire:
Enregistrer un commentaire