Re: File integrity
Re: File integrity
- Subject: Re: File integrity
- From: Jean-Daniel Dupas <email@hidden>
- Date: Thu, 22 May 2008 13:22:21 +0200
Le 22 mai 08 à 12:57, Keith Duncan a écrit :
is there a way to tell if my executable was launched by/attached to
some other process?
You can use ptrace(2) with the PT_DENY_ATTACH request to prevent
anyone from attaching and will kill the process if it is already
being traced.
See http://steike.com/code/debugging-itunes-with-gdb/
This has been worked around using a simple kernel extension, I don't
know what the current state of it is but it may not be that reliable.
file integrity
You can also use codesign(1) which will alert the user if your
binary has been tampered with since the signing. Note that it
doesn't prevent the user from launching your application and the
functions for determining the integrity of your executable aren't
public.
Keith
There is absolutly no way to completly prevent an user to launch your
application. If he really want, he can resign the app with is own
signature. You can add a check, he can change your binaty to bypass it.
You can just do it a little harder, but as long as the user can do
whatever he want with your executable, he can launch and decompile it.
Don't lose to much time to discourage hackers, it's barely always
useless.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden