Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Re: Code Signing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Signing

Subject: Re: Code Signing
From: Charles Srstka <email@hidden>
Date: Mon, 7 Sep 2009 05:07:41 -0500

On Sep 6, 2009, at 6:22 PM, Chris Suter wrote:

It's important to remember that code signatures are not really there
to prevent malware from running, or make it harder for hackers (since
it's trivial to remove a code signature or replace them other valid
signatures).

Well, you can always check that the signature is yours and not someone else's at app startup.

Charles

P.S. I know it's trivial to replace the signature with another signature, but to remove a signature? Are Apple's APIs really able to do that, or are you just talking about hacking the Mach-O file directly? I didn't see anything like that in the APIs. _______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden



References:  
  >Code Signing (From: Peter Hudson <email@hidden>)
  >Re: Code Signing (From: Chris Suter <email@hidden>)




Prev by Date:
Finding nearby places

Next by Date:
Re: Code Signing

Previous by thread:
Re: Code Signing

Next by thread:
Re: Code Signing

Index(es):

Date
Thread