Re:Authorization once, and .dmg
Re:Authorization once, and .dmg
- Subject: Re:Authorization once, and .dmg
- From: Sak Wathanasin <email@hidden>
- Date: Thu, 17 Oct 2002 14:51:49 +0100
In reply to Peter Sichel's message of the 16/10/2002 at 21:56 -0400,
Notice the application goes to some effort to identify each tool
before authorizing it. I don't want to authorize a trojan horse
if someone replaces one of my tools in the bundle. Ideally, you
would sign the file containing each tool but this won't work
because the files may change when your tools are pre-bound.
To me, this is the Achilles heel of the whole process. If you must do
this "self-repair", why not do it from the original installer, which
can be signed (ie ask the user to re-install)? If the Finder can't
copy files without preserving permissions/modes, it's a bug and
should be fixed ASAP. I have to say I simply cannot understand why
Apple is treating this issue so lightly, instead preferring this
awful "self-repair" kludge.
Users really like drag-and-drop installs that just work or self repair.
Will they still like it if it's used as a vehicle to introduce a virus?
--
Sak Wathanasin
Network Analysis Limited
http://www.network-analysis.ltd.uk
Phone: (+44) 24 76 41 99 96 Mobile: (+44) 79 70 75 19 12
Fax: (+44) 24 76 69 06 90
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.