Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Security With Show Package Contents?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security With Show Package Contents?

Subject: Re: Security With Show Package Contents?
From: Graham Lee <email@hidden>
Date: Mon, 12 Jan 2009 17:49:47 +0000
Acceptlanguage: en-US, en-GB
Thread-topic: Security With Show Package Contents?

On 12/01/2009 17:25, "Michael Ash" <email@hidden> wrote:

> On the Mac code signing is just a way for users to be able
> to trust that an app is from who it says it's from.

I agree that it the underlying technology has the capability to provide
that, I'm not sure that code signing on the Mac currently does provide that
trust. AFAICT it currently only lets users trust that app v1.0.1 came from
the same people as app v1.0, and only then thanks to the _lack_ of any UI
which would appear in the failure case - and only _THEN_ if the app tries to
perform one of a small number of privileged operations.

Cheers,
Graham.

--
Graham Lee
Senior Macintosh Software Engineer, Sophos Plc.
+44 1235 540266
http://www.sophos.com/

Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom.
Company Reg No 2096520. VAT Reg No GB 348 3873 20.
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

References:
	>Re: Security With Show Package Contents? (From: "Michael Ash" <email@hidden>)

Prev by Date: NSRuleEditor bindings
Next by Date: Re: Disabled button looks like enabled
Previous by thread: Re: Security With Show Package Contents?
Next by thread: debugging hard-to-locate error in NSApplication delegate
Index(es):
- Date
- Thread