• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Code Sign verification on Leopard
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Sign verification on Leopard


  • Subject: Re: Code Sign verification on Leopard
  • From: David Duncan <email@hidden>
  • Date: Thu, 15 Oct 2009 08:56:52 -0700

On Oct 15, 2009, at 8:51 AM, Charles Srstka wrote:

Presumably, this would be more noticeable to the user than simply copying a binary file inside an opaque app bundle that most users never look inside.


The malicious code could also break the code sign checking APIs to always return 'true'.

When you aren't certain if the code your running is yours, you can't trust anything that it does, including telling you it is valid.
--
David Duncan
Apple DTS Animation and Printing


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden


References: 
 >Code Sign verification on Leopard (From: Jakub Bednar <email@hidden>)
 >Re: Code Sign verification on Leopard (From: "email@hidden" <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Jens Alfke <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Charles Srstka <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Clark Cox <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Charles Srstka <email@hidden>)
 >RE: Code Sign verification on Leopard (From: Jeff Laing <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Charles Srstka <email@hidden>)
 >Re: Code Sign verification on Leopard (From: "Clark S. Cox III" <email@hidden>)
 >Re: Code Sign verification on Leopard (From: Charles Srstka <email@hidden>)

  • Prev by Date: Re: Code Sign verification on Leopard
  • Next by Date: Re: Code Sign verification on Leopard
  • Previous by thread: Re: Code Sign verification on Leopard
  • Next by thread: Re: Code Sign verification on Leopard
  • Index(es):
    • Date
    • Thread