[tor-bugs] #32507 [Applications/Tor Browser]: Move closer to the way Mozilla is signing macOS bundles
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Nov 15 08:46:42 UTC 2019
#32507: Move closer to the way Mozilla is signing macOS bundles
-------------------------------------+-------------------------------------
Reporter: gk | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor | Version:
Browser | Keywords: tbb-security, tbb-sign,
Severity: Normal | GeorgKoppen201911
Actual Points: | Parent ID: #32504
Points: | Reviewer:
Sponsor: |
-------------------------------------+-------------------------------------
Mozilla is using a [https://searchfox.org/mozilla-
esr68/source/security/mac/hardenedruntime/codesign.bash bash script]
`codesign.bash` for signing macOS bundles. We should go over it and
include the finer-grained signing (different entitlement files being used
and sometimes entitlements are not even ready) into our setup.
(see: https://bugzilla.mozilla.org/show_bug.cgi?id=1593071 for important
changes to that bash script)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32507>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list