> I just wonder - how does the detection of the "sameness" work?
> Couldn't a hostile attacker name an app the same name as some
> probably pre-authorized app and then retrieve keys without
> detection? Or am I missing some part in the security concept that
> makes this a non-issue?
Basically some kind of hash is taken of
the canonical application. So any change to the application's code
at the very least should be picked up.
But all that does it lead to telling the user that the app appears
have to beeen updated and if he wants to let the new version have the
same access rights, I suppose. Meaning that if I provide a fake
Finder, the user will just be told that Finder has been updated and
the user sees nothing unnormal in that and grants access without a
password quest, right?
But then, I guess that's not much different from any other kind of
trojan horse that pretends to be the Finder and asks for a password.
Most "normal" computer users won't be able to see a problem in that
and are willingly providing the password because the computer (or even
a trusted app!) asked them to.
http://www.tempel.org/rb/ -- The primary source of outdated REALbasic
plugins and examples
Skype: tempel.org AIM: superTempel
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden