Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Code Sign verification on Leopard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Sign verification on Leopard

Subject: Re: Code Sign verification on Leopard
From: Charles Srstka <email@hidden>
Date: Wed, 14 Oct 2009 02:37:37 -0500

On Oct 13, 2009, at 10:41 AM, Jens Alfke wrote:

This code sample seems to be designed to verify the binary that it's compiled into. That's sort of useless for security purposes, like yelling downstairs "are you a burglar?" If your own code's already been modified, it's easy enough for the hacker to disable the code that does the checking

Well yeah, if the hacker is specifically targeting your app. However, if the app gets infected by a virus or something, it won't be doing that, and your code signing check will catch it. So it's not completely useless for security purposes.

Charles
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


Follow-Ups:

Re: Code Sign verification on Leopard
From: Clark Cox <email@hidden>


References:  
  >Code Sign verification on Leopard (From: Jakub Bednar <email@hidden>)
  >Re: Code Sign verification on Leopard (From: "email@hidden" <email@hidden>)
  >Re: Code Sign verification on Leopard (From: Jens Alfke <email@hidden>)




Prev by Date:
Re: How to iterate over all objects stored with NSCoder

Next by Date:
Re: NSString Class Instance Variables

Previous by thread:
Re: Code Sign verification on Leopard

Next by thread:
Re: Code Sign verification on Leopard

Index(es):

Date
Thread