Step::Status StepRecoverSignature::RecoveryReadonlyUpdateInstall() {
std::string error_message;
- PrivilegeLevel level = PrivilegeLevel::PLATFORM;
- bf::path signature_root =
- bf::path(GetRootAppPath(context_->is_readonly_package.get(),
- context_->uid.get())) / context_->pkgid.get();
- if (!ValidateSignatures(signature_root, &level,
+ PrivilegeLevel level = PrivilegeLevel::UNTRUSTED;
+ if (!ValidateSignatures(GetSignatureRoot(), &level,
&context_->certificate_info.get(), false,
&error_message)) {
LOG(ERROR) << "Failed to verify signature: " << error_message;
if (!RecoverSignatureFile(context_->pkgid.get(), false))
return Status::CERT_ERROR;
+ if (context_->is_readonly_package.get())
+ level = PrivilegeLevel::PLATFORM;
+
context_->privilege_level.set(level);
return Status::OK;
}