• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: running ditto from firefox on snow leopard
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: running ditto from firefox on snow leopard

  • Subject: Re: running ditto from firefox on snow leopard
  • From: Damien Sorresso <email@hidden>
  • Date: Wed, 27 Jan 2010 08:54:17 -0800
On Jan 27, 2010, at 12:21 AM, Joel Reymont wrote:
> Damien,
>
> On Jan 27, 2010, at 7:44 AM, Damien Sorresso wrote:
>
>> By doing this, you're basically guaranteeing that Firefox can never participate in the code signing model.
>
> Firefox download partial updates right now, including binary code. It kicks off the updater once the download is done and updates itself. This prevents Firefox from participating in the code signing model so compression would not be much different.

With a partial update, you can update the code signature. You are talking about generated a new executable at launch-time and exec(3)ing that. That is different. Regardless of where it lives, the code that's executing will not be signed.

> What are the huge benefits to participating in code signing?

You attach a reliable identity to a piece of code.

>> Maybe you don't care right now, but then again, maybe one day you'll want to use the Keychain APIs.
>
> Is code signing a must to use the Keychain APIs? Can you please clarify?

You can update your application without the Keychain nagging the user that it has changed (as long as the signature is intact). Also, the ServiceManagement framework uses code signing to establish a handshake between an unprivileged application and a privileged helper tool that it's trying to install.

If Firefox gets a launch-time benefit from compression, it implies that Firefox's executable is structured in such a way that, when the kernel maps it in, it has to do a lot more work upfront than is normal. The overhead of decompressing the executable should exceed that of just launching it directly. After all, the HFS compression stuff was developed for files that are infrequently accessed, not hot files.
--
Damien Sorresso
BSD Engineering
Apple Inc.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
References: 
 >running ditto from firefox on snow leopard (From: Joel Reymont <email@hidden>)
 >Re: running ditto from firefox on snow leopard (From: Damien Sorresso <email@hidden>)
 >Re: running ditto from firefox on snow leopard (From: Joel Reymont <email@hidden>)
 >Re: running ditto from firefox on snow leopard (From: Damien Sorresso <email@hidden>)
 >Re: running ditto from firefox on snow leopard (From: Joel Reymont <email@hidden>)

  • Prev by Date: Re: running ditto from firefox on snow leopard
  • Next by Date: AAC+ files support in itunes?
  • Previous by thread: Re: running ditto from firefox on snow leopard
  • Next by thread: AAC+ files support in itunes?
  • Index(es):
    • Date
    • Thread