tauri
[feat] Add sidecar hash verification
Describe the problem
Currently we can't verify if the sidecar was changed or modified from the one in production. In my case my sidecar contains a public key that verifies a signature given from a server, so I don't want this public key to be replaced in the sidecar binary.
Describe the solution you'd like
Add hash verification to check if the sidecar has changed from the one in production. On Tauri launch it verifies the hash; if not equal, then it closes the app.
Alternatives considered
No response
Additional context
No response
Due to the nature of delivering software to third party client machines, there is nothing that we or anybody can do to completely prevent obtaining that public key.
The moment your software enters a client's machine you have to assume it could be hacked or even an entirely different client altogether. The feature you're requesting doesn't solve your security concern, you have to change your approach to achieve true security for yourself and your users.
This sort of feature falls in the category of "security enhancement" in the same sense as hiding your REST API can be seen as a security enhancement but not a security guarantee. Hackers can for example hack your executable and either A) replace the hash or B) replace the entire verification function to just always return true. This feature wouldn't offer any real extra security for you or your users, it would just make it less likely to be hacked, but not impossible.
So, development of this feature could serve to give Tauri developers a false sense of security, thinking that their binary is always safe because its hash gets verified, they start distributing public keys thinking they can't be changed, when in fact, there's nothing anyone can do to prevent this.
That being said, while not being a security guarantee, it's still an enhancement (albeit a very small one), I'd still say it's worth developing, but it's such a tiny enhancement that it falls in the category of being developed "Soon™️"
Pros:
- Makes it harder for amateur hackers
- Relatively easy to implement
Cons:
- Gives Tauri developers a false sense of security
- Doesn't offer any security against skilled hackers, just a minor annoyance
I think Con #1 is a real killer here, because it doesn't only give developers a false sense of security, but also any users they have mentioned it to.
> Due to the nature of delivering software to third party client machines, there is nothing that we or anybody can do to completely prevent obtaining that public key.
I know, I don't want to prevent obtaining this public key. What I want is that it not be replaced, so for that we need a hash check that verifies the sidecar binary was not modified. I know someone with advanced skill can replace the verification function, but it would be great to have this on the Tauri side.
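The check requested in this issue, as an added example that is not part of the thread and not Tauri code: a launcher-side SHA-256 comparison against a digest pinned at build time, failing closed when the sidecar is missing or altered. It is written in Python as a language-neutral sketch; the function names, file name and sample bytes are assumptions constructed for the illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Stream the file through SHA-256 so a large sidecar is not loaded whole."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def sidecar_is_unmodified(path, pinned_hex):
    """True only if the file is readable and its SHA-256 equals the pinned digest."""
    try:
        actual = sha256_file(path)
    except OSError:
        return False  # missing or unreadable sidecar: fail closed
    return hmac.compare_digest(actual, pinned_hex.lower())


def demo():
    """Constructed sample: a fake sidecar whose embedded public key gets swapped."""
    with tempfile.TemporaryDirectory() as tmp:
        sidecar = Path(tmp) / "sidecar.bin"  # hypothetical file name
        release_bytes = b"\x7fELF..code..PUBKEY=AAAA1111..more code"
        sidecar.write_bytes(release_bytes)
        # Build step: record the digest of the binary that ships.
        pinned = hashlib.sha256(release_bytes).hexdigest()
        before = sidecar_is_unmodified(sidecar, pinned)
        # Modification: same length, only the key bytes differ.
        sidecar.write_bytes(release_bytes.replace(b"AAAA1111", b"BBBB2222"))
        after = sidecar_is_unmodified(sidecar, pinned)
        sidecar.unlink()
        missing = sidecar_is_unmodified(sidecar, pinned)
    return before, after, missing


if __name__ == "__main__":
    # The launcher would refuse to start the sidecar when the check is False.
    print(demo())
```

Both the pinned digest and `sidecar_is_unmodified` live in the launcher, so the limitation raised in the reply above still applies: the check detects a changed sidecar file, not a patched launcher.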