• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: OS X 10.8 Security & Applescripts - "unidentified developer"
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OS X 10.8 Security & Applescripts - "unidentified developer"

  • Subject: Re: OS X 10.8 Security & Applescripts - "unidentified developer"
  • From: Alex Zavatone <email@hidden>
  • Date: Mon, 13 Aug 2012 18:06:16 -0400
Title: Re: OS X 10.8 Security & Applescripts - "unidentified developer"
Personally, I think this "every app is an island" approach of iOS, sandboxing, and "you can only write to these approved folders without user permission" now being pushed to the Mac OS, is a perfect example of security being done by people who don't know security.

Now, I damn sure well don't know how to "do" security, but it's approaches like these that prevent people from being productive and make the Mac OS something we merely tolerate, rather than actually like to use.

I want to save a file to the root of my HD.  It's MY DAMN HD.  LET ME DO IT.

I want to save a preference IN THE PREFERENCES FOLDER, not inside the app.  It's my code, it's my decision, LET ME DO IT.

It's moves like these that encourage people to make their money now and then get out of what's becoming a overly restrictive nanny state of an operating system.  And it's a damn shame.

On Aug 13, 2012, at 4:41 PM, Houston, Brad wrote:

Stepping back a moment from dealing with the problems associated with compliance with this new demand, can anyone tell me how this is a benefit to the world of scripting. It strikes me as simply another attempt to establish control where no control is needed, for the benefit of those who wish to hold control. Once that control is firmly established will come demands for money, to buy the certificate, or restrictions on what can be circulated so as to not threaten someone’s domination or authority. This, in a nutshell, is the history of man (and is almost always sold under the term “security”).

If we don’t trust a script, and/or can’t evaluate what it will actually do, DON’T RUN IT. End of security problem.

Brad


On 8/10/12 9:26 PM, "Todd V" <email@hidden> wrote:
I realized I was not removing write permissions from main.scpt but from the main .app itself. But I just removed write permissions from main.scpt before signing - using "chmod a-w" and then codesigning. I'm still getting the same error on Mountain Lion - "this file is damaged, You should move to trash."

I remember watching a tutorial about making sure to specify the bundleIdentifier in Info.plist before signing (so they match). Does it matter what I'm typing into the bundleIdentifer field in info.plist? How could I check this? Also, is there anything else I need in Info.plist I might be missing?


On Aug 10, 2012, at 7:44 PM, Shane Stanley wrote:

> On 11/08/2012, at 12:09 PM, Todd V <email@hidden> wrote:
>
>> Any thoughts on what I'm doing wrong? Am I missing a step?
>
> Did you remove write permissions from main.scpt before signing?
>
> One of the complications with AS is that scripts normally get written back to disk after running, to make properties persist. That's obviously not going to work with codesigning, so you have to stop it. You also have to write your scripts with lack of property persistence in mind.
>
> --
> Shane Stanley <email@hidden>
> 'AppleScriptObjC Explored' <www.macosxautomation.com/applescript/apps/>
>
>
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> AppleScript-Users mailing list      (email@hidden)
> Help/Unsubscribe/Update your Subscription:
> Archives: http://lists.apple.com/archives/applescript-users
>
> This email sent to email@hidden

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden


The information contained in this message is intended only for the recipient, and may be a confidential attorney-client communication or may otherwise be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, please be aware that any dissemination or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify us by replying to the message and deleting it from your computer. The McGraw-Hill Companies, Inc. reserves the right, subject to applicable local law, to monitor, review and process the content of any electronic message or information sent to or from McGraw-Hill e-mail addresses without informing the sender or recipient of the message. By sending electronic message or information to McGraw-Hill e-mail addresses you, as the sender, are consenting to McGraw-Hill processing any of your personal data therein.
Do not post admin requests to the list. They will be ignored. AppleScript-Users mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: Archives: http://lists.apple.com/archives/applescript-users This email sent to email@hidden
References: 
 >Re: OS X 10.8 Security & Applescripts - "unidentified developer" (From: "Houston, Brad" <email@hidden>)

  • Prev by Date: Mail's mailbox list
  • Next by Date: Re: machine name and user
  • Previous by thread: Re: OS X 10.8 Security & Applescripts - "unidentified developer"
  • Next by thread: Re: OS X 10.8 Security & Applescripts - "unidentified developer"
  • Index(es):
    • Date
    • Thread