Hans-Christoph Steiner 525759b235 stop passing passphrases via args, instead use prepared files
Any process can read the process table, and can therefore see the entire
command line of any other process.  That means its a bad idea to ever put
passwords as part of a command line.  Python is executing keytool and
jarsigner command lines here, so now instead of putting the password on the
command line, a file is passed instead with suitable file permissions.
This should reduce the exposure a lot.  But still, sensitive passwords
should not be written to any text file.

This change requires OpenJDK-7 since the :file option to -storepass and
-keypass was only added in Java 7's keytool and jarsigner.
2014-03-31 21:02:42 -04:00
2010-10-21 23:26:38 +01:00
2014-03-07 15:21:28 +01:00

F-Droid is an installable catalogue of FOSS (Free and Open Source Software)
applications for the Android platform. The client makes it easy to browse,
install, and keep track of updates on your device.

The F-Droid server tools provide various scripts and tools that are used to
maintain the main F-Droid application repository. You can use these same tools
to create your own additional or alternative repository for publishing, or to
assist in creating, testing and submitting metadata to the main repository.

For documentation, please see the docs directory.

Alternatively, visit https://f-droid.org/manual/
Description
No description provided
Readme AGPL-3.0 48 MiB
Languages
Python 96.5%
Shell 2.6%
Java 0.7%
Dockerfile 0.1%