Re: Prevent user from accessing Archive.pax.gz?
Re: Prevent user from accessing Archive.pax.gz?
- Subject: Re: Prevent user from accessing Archive.pax.gz?
- From: Stéphane Sudre <email@hidden>
- Date: Fri, 30 Dec 2005 19:57:40 +0100
On vendredi, décembre 30, 2005, at 07:19 PM, Patrick Litterst wrote:
I'm trying to create an updater that will install an application only
if a previous version of the application exists on the user's machine.
However, it seems that if a previous version does not exist (and so
the install fails as a result), the user can still go into the
contents of the .pkg and unarchive the Archive.pax.gz, and get the
application even if they do not have a previous version of the
application on their computer. Is there a way to prevent this?
They could also used Pacifist to extract the package wherever they want
to.
The only solution AFAIK would be not to have the real application in
the archive and do something like:
1) In the preflight script, compute a md5 checksum of the previous
installed version.
2) Install an encrypted version of the application (encryption would
have been made using the md5 key)
3) In the postflight script, decrypt the encrypted binary using the md5
checksum.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Installer-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden