The security framework (http://felix.apache.org/site/apache-felix-framework-security.html) seems to check the bundle contents against the signatures at bundle install time. However, it is possible to modify the bundle in the servicemix/data/cache and this does not throw any security exceptions when it is reloaded. For scenarios where bundles are deployed to servicemix instances that are not on a trusted machine, the signed bundle, if tampered with, should throw a security exception at the point that this bundle is reloaded into memory.
How to Test
I updated my signed bundle in "../apache-servicemix-4.4.1-fuse-03-06/data/cache/bundle219/version0.0/bundle.jar" with a new version of a class file. I restarted servicemix and I could see from the logging statement the new version of the class is picked up but no security exception is thrown.
When I tried to load a class manually from this tampered bundle using the standard java command:
So that looks like the jar is definitely signed and should be throwing an exception when reread from the servicemix/data/cache folder.
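
The check the report asks for at reload time, as an added example that is not part of the original report or of the Felix code base: a stand-alone Java program that re-verifies a cached bundle jar using only `java.util.jar`. The class name `CachedBundleVerifier` and running it against the cache path are assumptions made for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.util.Enumeration;
import java.util.Locale;
import java.util.jar.JarEntry;
import java.util.jar.JarFile;

// Hypothetical helper (not Felix code): re-checks a signed jar on disk.
public class CachedBundleVerifier {

    // The manifest and signature block files are never themselves signed.
    private static boolean isSignatureFile(String name) {
        return name.toUpperCase(Locale.ROOT)
                .matches("META-INF/(MANIFEST\\.MF|[^/]+\\.(SF|RSA|DSA|EC))");
    }

    // Throws SecurityException if an entry was modified or is unsigned.
    public static void verify(File jar) throws IOException {
        byte[] buf = new byte[8192];
        // verify=true turns on signature checking for this JarFile.
        try (JarFile jf = new JarFile(jar, true)) {
            if (jf.getManifest() == null) {
                throw new SecurityException("no manifest in " + jar);
            }
            Enumeration<JarEntry> entries = jf.entries();
            while (entries.hasMoreElements()) {
                JarEntry e = entries.nextElement();
                if (e.isDirectory() || isSignatureFile(e.getName())) continue;
                // The digest is only compared once the stream is read to the
                // end; a replaced class fails here with a "digest error".
                try (InputStream in = jf.getInputStream(e)) {
                    while (in.read(buf) != -1) { /* drain */ }
                }
                // An entry added after signing passes the digest check
                // because it has no digest; it shows up as having no signers.
                if (e.getCodeSigners() == null) {
                    throw new SecurityException("unsigned entry: " + e.getName());
                }
            }
        }
    }

    public static void main(String[] args) throws IOException {
        if (args.length != 1) throw new IllegalArgumentException("usage: <jar>");
        verify(new File(args[0]));
        System.out.println("signature check passed: " + args[0]);
    }
}
```

This only confirms that the contents still match whatever signature is in the jar; on an untrusted machine the signer certificates returned by `getCodeSigners()` also need to be compared against the expected signer, since a jar can be re-signed with a different key.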