From 882e0d76d0dd1820114f6434c25271938dc1d4c0 Mon Sep 17 00:00:00 2001 From: saturneric Date: Thu, 19 Jun 2025 04:06:57 +0200 Subject: docs(advanced): add module self-check documentation - describe signature verification for integrated modules - explain handling of user-defined/third-party modules - add security note about custom module directory - include tip for sensitive environments --- src/content/docs/advanced/app-self-check.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/content/docs/advanced/app-self-check.md b/src/content/docs/advanced/app-self-check.md index 773cff5..7cff0a1 100644 --- a/src/content/docs/advanced/app-self-check.md +++ b/src/content/docs/advanced/app-self-check.md @@ -84,6 +84,30 @@ installation, but runtime self-validation is not possible. Flatpak packages use their own signature and sandboxing mechanisms, which offer a certain degree of integrity protection within the Flatpak ecosystem. +## Modules and Self-Check + +When Application Self-Check is enabled, integrated modules (official modules +bundled with GpgFrontend) will also be subject to digital signature +verification. Any integrated module (DLL) that is not properly code-signed will +be refused and not loaded at runtime. This ensures that all official components +maintain the same high standard of integrity and authenticity as the core +application. + +However, user-defined or third-party custom modules are not subject to this +strict signature requirement. GpgFrontend will allow unsigned user modules to +load, recognizing that developers may not have access to code signing +certificates during development. This is intended to lower the barrier for open +development and community contributions. + +:::tip[Note] + +For maximum security, users deploying GpgFrontend in sensitive environments +should periodically check the custom module directory for any unexpected or +untrusted DLL files. If you do not use third-party modules, you can delete or +lock down the custom module directory to eliminate this potential risk surface. + +::: + ## Security Note Application Self-Check adds an important layer of security by helping ensure -- cgit v1.2.3