Re: Code Signing for Mac application
Re: Code Signing for Mac application
- Subject: Re: Code Signing for Mac application
- From: "Paul Sanders" <email@hidden>
- Date: Tue, 16 Feb 2010 16:01:59 -0000
I can't quote you chapter and verse - as I say, I cannot
reproduce it here - but it happened at a number of user sites
and caused a lot of grief. Also, you need to take the utmost
care with the installer. If any 'stale' files remain from an
older install (perhaps you dropped a resource or two in a later
version) then your code signature is invalidated. And if a user
should drop a file into your resources folder...
No, it's just too fragile, sorry.
Paul Sanders.
----- Original Message -----
From: "Graham Lee" <email@hidden>
To: "Paul Sanders" <email@hidden>
Cc: "Xcode Users" <email@hidden>
Sent: Tuesday, February 16, 2010 3:20 PM
Subject: Re: Code Signing for Mac application
On 16 Feb 2010, at 14:18, Paul Sanders wrote:
> AFAIK, the Mac does not check code signatures when it launches
> an app. Even if it did, you would probably prefer it not to.
> When an app is dragged to another folder, the Finder seems to
> add or modify something in the Resources folder, thus
> rendering the signature invalid.
If that really happens it would break a lot of apps for a lot of
people - it'd be interesting to find out what your users are
seeing. But probably no longer related to use of Xcode...there's
an apple-cdsa list for discussing the security architecture (and
the guy behind code signing hangs out there, he'd definitely
want your bugreport number for that issue).
Cheers,
Graham.
--
Graham Lee
http://blog.securemacprogramming.com/
Coming soon - Professional Cocoa Application Security
http://eu.wiley.com/WileyCDA/WileyTitle/productCd-0470525959.html
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden