• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Code Signing for Mac application
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Code Signing for Mac application

  • Subject: Re: Code Signing for Mac application
  • From: "Paul Sanders" <email@hidden>
  • Date: Tue, 16 Feb 2010 14:18:44 -0000
AFAIK, the Mac does not check code signatures when it launches an app.  Even if it did, you would probably prefer it not to.  When an app is dragged to another folder, the Finder seems to add or modify something in the Resources folder, thus rendering the signature invalid.  I never got to the bottom of this - I could not reproduce it on my own machines - but it caused a lot of trouble in the field and lead me to abandon checking the validity of the signature (using codesign -v) in my own code.
 
Paul Sanders.
 
----- Original Message -----
From: "Gabriele de Simone" <email@hidden>
To: <email@hidden>
Sent: Tuesday, February 16, 2010 2:07 PM
Subject: Code Signing for Mac application

I'm having troubles implementing code signing for our Mac OS X application. Having watched WWDC Session 504, I went ahead and created my own certificate by following the instructions available in the docs (Code Signing Guide) and in the video itself. I then picked the certificate's name in my Xcode Code Signing build settings. All projects build fine and I can verify the results via codesign without getting any errors.
 
I was under the assumption that signing your code means that if the executable file or one of the non-localized resource files get modified, the OS would prevent the app from being run, and signal the user that something's wrong. Instead, I can insert random bits into the executable, modify the Info.plist or files in Resources without any warning at all. My app just runs as if Code Signing did nothing. Am I missing something big and obvious about how this technology works?
 
To be clear: I'm not using a custom rules file or custom identifier string. The executable and all helper files are in the MacOS directory. A couple more ".app"s are inside the "SharedSupport" directory.
 
Any help would be appreciated.
 
Gabe
Noise Industries, LLC _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden 
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Code Signing for Mac application
      • From: Chris Suter <email@hidden>
    • Re: Code Signing for Mac application
      • From: Graham Lee <email@hidden>
    • Re: Code Signing for Mac application
      • From: Gabriele de Simone <email@hidden>
References: 
 >Code Signing for Mac application (From: Gabriele de Simone <email@hidden>)

  • Prev by Date: Re: Code Signing for Mac application
  • Next by Date: Re: Xcode File Templates
  • Previous by thread: Re: Code Signing for Mac application
  • Next by thread: Re: Code Signing for Mac application
  • Index(es):
    • Date
    • Thread