• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Using the security framework
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using the security framework

  • Subject: Re: Using the security framework
  • From: Joe Turner <email@hidden>
  • Date: Sat, 24 Jan 2009 23:58:54 -0600
But you can also code sign nowadays
On Jan 24, 2009, at 11:54 PM, Chris Hanson wrote:

On Jan 24, 2009, at 6:29 PM, Michael Ash wrote:

On Sat, Jan 24, 2009 at 6:08 PM, Chris Hanson <email@hidden> wrote:
Among other things, to be truly secure you must use a secure installation
mechanism. Do not write your own install tool — it can't be made secure
without itself being installed via a secure installation mechanism.
Instead, use Installer.app for your installations since it's included with
the operating system and not modifiable with normal user privileges.

I'm afraid I don't understand this advice. Could you explain what sort
of vulnerability would exist in a custom install tool that would not
exist when using Installer.app to install a custom package?

Because Installer.app is installed by the operating system you can - if you've taken appropriate security measures to begin with - be reasonably certain that it hasn't been tampered with.

When writing your own install tool, you have a bootstrapping problem: You will eventually need to have the user authorize some untrusted code to run as root - code that could have been modified behind the user's back.

An installer package could also have been writable by the user, but modern packages can be signed so their integrity can be checked.

 -- Chris

_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden






References: 


 >Using the security framework (From: Joe Turner <email@hidden>)


 >Re: Using the security framework (From: Chris Hanson <email@hidden>)


 >Re: Using the security framework (From: Joe Turner <email@hidden>)


 >Re: Using the security framework (From: Chris Hanson <email@hidden>)


 >Re: Using the security framework (From: Michael Ash <email@hidden>)


 >Re: Using the security framework (From: Chris Hanson <email@hidden>)






    

  • Prev by Date:
Re: Using the security framework

    • 

  • Next by Date:
Re: Forcing allocation of a subclass

    • 

  • Previous by thread:
Re: Using the security framework

    • 

  • Next by thread:
Re: Using the security framework

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •