• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: GUI for codesign tool?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: GUI for codesign tool?

  • Subject: Re: GUI for codesign tool?
  • From: Alastair Houghton <email@hidden>
  • Date: Wed, 23 Jan 2008 17:12:42 +0000
On 23 Jan 2008, at 16:44, Bill Cheeseman wrote:

on 2008-01-23 9:10 AM, Alastair Houghton at email@hidden
wrote:

I think the gist of it is that your sub-applications should be signed
separately, and so they shouldn't be in the Resources folder.

I'll look at the video; thanks for the reference. My notes from the session
don't shed any light on this, and my memory of the session is NULL (or maybe
nil).

The location of the helper app in my app package does not appear to affect
my ability to run the codesign tool on it. In fact, I have successfully run
codesign separately on the two helper app packages in my app package's
Resources folder, and also on the separate auxiliary executable (i.e., not
the principal executable) in my app package's MacOS folder. Running codesign
with the -v (verify) option indicates that they were successfully signed.

I think the recommendation is probably for a few reasons (none of which were made explicit in the session, as far as I recall; there was just an admonishment to put things in the right places):

1. Efficiency. You'll be including your other packages in the Resources folder, which is "sealed", so the verification process (for the main app) will have to check all the files in the other packages (pretty much without exception).

2. Resource behaviour. I *think* you might find that the behaviour wrt resources in the auxiliary apps' packages is probably sub-optimal, at least from the perspective of the signature of the main application. e.g. if you delete all the German resources from your application, you may find that the signature breaks if you had auxiliary apps with German resources in the Resources folder.

3. There are circumstances where the system may modify an unsigned application. e.g. if one of your auxiliary apps uses the keychain on Leopard, the security system will sign the application---if what I've read/listened to is true---and if that happens and the auxiliary app is in the Resources folder, I think it'll break the signature on your main application.

I should say that I'm no expert on this. Chris and I have just been looking into signing iDefrag and iPartition, which is why this particular question is of interest to both of us at the moment.

Kind regards,

Alastair.

--
http://alastairs-place.net


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Re: GUI for codesign tool? (From: Bill Cheeseman <email@hidden>)






    

  • Prev by Date:
Re: -fobj-gc ('Supported'),	Controlling which mode Xcode runs your app in

    • 

  • Next by Date:
Re: Missing file or directory: No kidding, I just removed it!

    • 

  • Previous by thread:
Re: GUI for codesign tool?

    • 

  • Next by thread:
Re: GUI for codesign tool?

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •