Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: File integrity


Le 22 mai 08 à 12:57, Keith Duncan a écrit :

is there a way to tell if my executable was launched by/attached to some other process?

You can use ptrace(2) with the PT_DENY_ATTACH request to prevent anyone from attaching and will kill the process if it is already being traced.

See http://steike.com/code/debugging-itunes-with-gdb/

This has been worked around using a simple kernel extension, I don't know what the current state of it is but it may not be that reliable.

file integrity

You can also use codesign(1) which will alert the user if your binary has been tampered with since the signing. Note that it doesn't prevent the user from launching your application and the functions for determining the integrity of your executable aren't public.

Keith

There is absolutly no way to completly prevent an user to launch your application. If he really want, he can resign the app with is own signature. You can add a check, he can change your binaty to bypass it.
You can just do it a little harder, but as long as the user can do whatever he want with your executable, he can launch and decompile it.

Don't lose to much time to discourage hackers, it's barely always useless.



_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/email@hidden

This email sent to email@hidden
References: 
 >File integrity (From: email@hidden)
 >Re: File integrity (From: Keith Duncan <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.