Re: Code Signing for Mac application
  • Subject: Re: Code Signing for Mac application
  • From: Graham Lee <email@hidden>
  • Date: Tue, 16 Feb 2010 19:27:55 +0000

It's true that code signing isn't compatible with post-deployment changes to the application, but it isn't really supposed to be used for an app's own anti-tampering checks either. If your app has been modified, the if(valid) jump might have been changed. Come to that, the codesign binary might have been modified.

Cheers,
Graham.

Graham Lee
http://thaesofereode.info


On 16 Feb 2010, at 18:43, "Paul Sanders" <email@hidden> wrote:


I'm sorry, I don't have that information.  I realise I should
have collected it but I didn't.  I was in a situation where I
need to take prompt action.  What I do have is emails from users
who moved my app to another folder and then reported the 'This
application has been tampered with' message that I (used to)
display when codesign fails to verify my code signature.  I saw
some codesign output that confirmed this but I did not, and do
not, have access to an application bundle that was affected in
this way.

Because of these (painful!) experiences, I have lost interest in
signing my code and do not intend to pursue it.  But, now I
think about it, I could have been being fooled by yet another
Package Maker 'relocation' feature (new on Snow Leopard, yuk),
which we did not know about at the time and had failed to turn
off in the release affected.  Our installer starts off by
clearing out /Applications/VinyStudio/Contents/Resources and if
the installation was subsequently redirected behind our back
there might have been some stale files left in the target
resources folder.  Maybe that was it, I'm not sure.

I'm not sniping at anyone here.  I said it three times because
people asked me three times.  I am just saying that, in my
experience, signed code is fragile.  It's in the nature of a
bundle that files might get added or left behind from an older
install.  Maybe codesign should ignore any files added since the
bundle was signed.  What harm could it do?

Paul Sanders.

----- Original Message -----
From: "Chris Espinosa" <email@hidden>
To: "Paul Sanders" <email@hidden>
Cc: "XCode Users" <email@hidden>
Sent: Tuesday, February 16, 2010 6:06 PM
Subject: Re: Code Signing for Mac application


On Feb 16, 2010, at 8:01 AM, Paul Sanders wrote:

I can't quote you chapter and verse - as I say, I cannot
reproduce it here - but it happened at a number of user sites
and caused a lot of grief.

You've repeated this three times now, but so far as we know, it just isn't true. If you have had this experience, please file a bug report at http://bugreporter.apple.com with Steps to Reproduce and some evidence of what resource is changed, and the System Profiler file of the machine on which it is occurring.

No Finder action should change the contents of the Resources
directory of an application bundle.

Chris



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
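
The failure mode discussed in this thread, a file left behind in Resources after signing causing verification to fail, can be reproduced with a simplified model of a sealed bundle. This is an added example, not code from the thread and not Apple's codesign; the hash-manifest scheme, the function names and the file names are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# Simplified model of a sealed bundle (assumption; not Apple's codesign).
def seal(bundle):
    """Map each file's bundle-relative path to its SHA-256 digest."""
    manifest = {}
    for root, _dirs, files in os.walk(bundle):
        for name in files:
            path = os.path.join(root, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            manifest[os.path.relpath(path, bundle)] = digest
    return manifest

def verify(bundle, manifest):
    """Report how the bundle on disk differs from the sealed manifest."""
    now = seal(bundle)
    return {
        "modified": sorted(p for p in manifest if p in now and now[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in now),
        "added": sorted(p for p in now if p not in manifest),
    }

def is_valid(report, ignore_added=False):
    """Strict mode rejects any difference; lenient mode tolerates unsealed files."""
    kinds = ("modified", "missing") if ignore_added else ("modified", "missing", "added")
    return not any(report[k] for k in kinds)

def write(bundle, rel, data):
    """Create a file (and its parent directories) inside the bundle."""
    path = os.path.join(bundle, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed bundle: seal it, then leave a stale file behind in Resources."""
    with tempfile.TemporaryDirectory() as bundle:
        write(bundle, os.path.join("Contents", "MacOS", "app"), b"binary")
        write(bundle, os.path.join("Contents", "Resources", "help.txt"), b"v2 help")
        manifest = seal(bundle)
        write(bundle, os.path.join("Contents", "Resources", "old.dat"), b"v1 leftover")
        report = verify(bundle, manifest)
        return report, is_valid(report), is_valid(report, ignore_added=True)

if __name__ == "__main__":
    print(demo())
```

In lenient mode the check passes even though Resources contains a file that was never part of the sealed manifest.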