site_archiver@lists.apple.com Delivered-To: installer-dev@lists.apple.com On vendredi, décembre 30, 2005, at 07:19 PM, Patrick Litterst wrote: _______________________________________________ Do not post admin requests to the list. They will be ignored. Installer-dev mailing list (Installer-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/installer-dev/site_archiver%40lists.a... I'm trying to create an updater that will install an application only if a previous version of the application exists on the user's machine. However, it seems that if a previous version does not exist (and so the install fails as a result), the user can still go into the contents of the .pkg and unarchive the Archive.pax.gz, and get the application even if they do not have a previous version of the application on their computer. Is there a way to prevent this? They could also used Pacifist to extract the package wherever they want to. The only solution AFAIK would be not to have the real application in the archive and do something like: 1) In the preflight script, compute a md5 checksum of the previous installed version. 2) Install an encrypted version of the application (encryption would have been made using the md5 key) 3) In the postflight script, decrypt the encrypted binary using the md5 checksum. This email sent to site_archiver@lists.apple.com