Re: Using the security framework
Re: Using the security framework
- Subject: Re: Using the security framework
- From: Michael Ash <email@hidden>
- Date: Sat, 24 Jan 2009 21:29:24 -0500
On Sat, Jan 24, 2009 at 6:08 PM, Chris Hanson <email@hidden> wrote:
> Among other things, to be truly secure you must use a secure installation
> mechanism. Do not write your own install tool — it can't be made secure
> without itself being installed via a secure installation mechanism.
> Instead, use Installer.app for your installations since it's included with
> the operating system and not modifiable with normal user privileges.
I'm afraid I don't understand this advice. Could you explain what sort
of vulnerability would exist in a custom install tool that would not
exist when using Installer.app to install a custom package?
Mike
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden