Re: Revoking GateKeeper exceptions
Re: Revoking GateKeeper exceptions
- Subject: Re: Revoking GateKeeper exceptions
- From: Ken Thomases <email@hidden>
- Date: Fri, 27 Jul 2012 18:20:45 -0500
On Jul 27, 2012, at 5:29 PM, Chuck Soper wrote:
> Do have any recommendations on where to read more about using the spctl command? The man page shows over 20 parameters and has only 3 usage examples.
There's more discussion in Code Signing Guide: Code Signing Tasks – Using the spctl Tool to Test Code Signing:
<https://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Procedures/Procedures.html#//apple_ref/doc/uid/TP40005929-CH4-DontLinkElementID_5>
> Also, on the spctl man page, in the FILES section, it explains where the
> current and initial distribution of the system policy databases are. Given
> that, would the following command reset it? Has only one tried this?
> sudo cp /var/db/.SystemPolicy-default /var/db/SystemPolicy
In theory, yes. In practice, I'd be hesitant. There may be processes actively running that are using the file. Replacing it may cause important information to be written to the no-longer-linked file. Or two separate system facilities that are supposed to interoperate may have inconsistent views of the state of things because one is referencing the unlinked file and the other is referencing the new file.
Regards,
Ken
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden