[tor-dev] [FWD: Re: Apple developer account + codesigning]

Nima Fatemi nima at riseup.net
Tue Oct 27 09:27:51 UTC 2015

Ian Goldberg:
> On Mon, Oct 26, 2015 at 06:06:36AM -0700, Mike Perry wrote:
>> Essentially, codesign only touches executable binaries in the .app (see
>> that second link for info on how the binary's segments get moved around)
>> and also adds an SC_Info directory for codesign/DRM metadata.
> Wait; does that mean that things like configuration files, plugins, etc.
> are *not* signed?

There's a --deep option in `codesign` for this purpose.

From the man page:

	When signing a bundle, specifies that nested code content such as
helpers, frameworks, and plug-ins, should be recursively signed in turn.
Beware that all signing options you specify will apply, in turn, to such
nested content.

0XC009DB191C92A77B | @mrphs

"I disapprove of what you say, but I will defend to the death your right
to say it" --Evelyn Beatrice Hall

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20151027/8086c5aa/attachment.sig>

More information about the tor-dev mailing list