
26 Oct
2015
26 Oct
'15
5:54 p.m.
On Oct 26, 2015, at 10:23 AM, Ian Goldberg <iang@cs.uwaterloo.ca> wrote:
On Mon, Oct 26, 2015 at 06:06:36AM -0700, Mike Perry wrote:
Essentially, codesign only touches executable binaries in the .app (see that second link for info on how the binary's segments get moved around) and also adds an SC_Info directory for codesign/DRM metadata.
Wait; does that mean that things like configuration files, plugins, etc. are *not* signed?
They are signed. All resources in a bundle (e.g. an app or framework) are signed and the signatures are stored in a file named "CodeResources”: https://developer.apple.com/library/mac/documentation/Security/Conceptual/Co... Conrad