[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: File integrity

Subject: Re: File integrity
From: Keith Duncan <email@hidden>
Date: Thu, 22 May 2008 11:57:04 +0100
Delivered-to: email@hidden
Delivered-to: email@hidden

is there a way to tell if my executable was launched by/attached to some other process?

You can use ptrace(2) with the PT_DENY_ATTACH request to prevent anyone from attaching and will kill the process if it is already being traced.

See http://steike.com/code/debugging-itunes-with-gdb/

This has been worked around using a simple kernel extension, I don't know what the current state of it is but it may not be that reliable.

file integrity

You can also use codesign(1) which will alert the user if your binary has been tampered with since the signing. Note that it doesn't prevent the user from launching your application and the functions for determining the integrity of your executable aren't public.

Keith
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/email@hidden

This email sent to email@hidden

Follow-Ups:
- Re: File integrity
  - From: Jean-Daniel Dupas <email@hidden>

References:
	>File integrity (From: email@hidden)

Prev by Date: Re: NSWindow in main nib.
Next by Date: Re: How to handle bad certificate error in NSURLDownload?
Previous by thread: Re: File integrity
Next by thread: Re: File integrity
Index(es):
- Date
- Thread

Home