Re: Code Sign verification on Leopard
Re: Code Sign verification on Leopard
- Subject: Re: Code Sign verification on Leopard
- From: Charles Srstka <email@hidden>
- Date: Wed, 14 Oct 2009 23:42:13 -0500
On Oct 14, 2009, at 11:40 PM, Jeff Laing wrote:
Actually, heck, you wouldn't even need that. All a virus would have
to
do would be to move the binary somewhere else and put a binary in its
place that does something malicious and then launches the real
binary,
and the user would never tell the difference.
Unless, of course, the app checked its code signature.
Ok, I'll bite. How does the real binary checking its code signature
detect the case you just described? Its 100% byte for byte the
original executable, its just been moved somewhere else and as far
as I'm aware, code signatures do not include your location on disk.
You check the signature of the .app bundle, not the executable itself.
Charles
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden