[PD-dev] Mac Os now requiring Apple signatures on all SW !?

Rich E reakinator at gmail.com
Sat May 18 02:11:27 CEST 2013


I think putting a 'validated' pd in the app store is a great idea, for both
pd-vanilla and pd-extended.  Just alot of work.

I believe, but am not certain, that dlopen will continue to work as long as
you play the 'app sandbox' game: if a user wants to load binaries from a
different location in a sandboxed app, they need to give permission.  Here
are the juicy details:

http://developer.apple.com/library/mac/#documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW5

of importance in there is 'Securty-Scoped Bookmarks'.

Note this isn't just Mac, you have to jump through the same hoops for
WinRT, which hasn't really caught on yet, but its a sign that the trend
nowadays is for a rediculously high level of securty, by default.


On Fri, May 10, 2013 at 7:21 PM, Jonathan Wilkes <jancsika at yahoo.com> wrote:

>
>
>
>
> ----- Original Message -----
> > From: Miller Puckette <msp at ucsd.edu>
> > To: Jonathan Wilkes <jancsika at yahoo.com>
> > Cc: "pd-dev at iem.at" <pd-dev at iem.at>
> > Sent: Friday, May 10, 2013 7:12 PM
> > Subject: Re: [PD-dev] Mac Os now requiring Apple signatures on all SW !?
> >
> >T hat  sounds sensible... sounds like I can probably do nothing for now
> (but
> > I'm worried they're going to progressively lock things down harder in
> > the
> > future... this isn't going in a good direction!)
>
> Well, if they decide to remove the easy workaround that would be a big
> enough change that we'll likely hear news from FSF and others.
>
> -Jonathan
>
> >
> > M
> >
> >>  Again, that adds credibility to a system that adds little more than a
> pain
> > for
> >>  users, and it distracts everyone other than bureaucrats.  Most users
> just
> > want to
> >>  download and run your software.
> >>
> >>  If a school sysadmin wants to misunderstand security and force
> instructors
> > to
> >>  go through the hoops, then the school or, at worst, the instructor
> should
> > pay you
> >>  to jump through the hoops and get a signing key.  The end user
> > shouldn't even be
> >>  aware of any of this, other than maybe seeing a link to the _trivial_
> > workaround
> >>  katja mentioned next to the version you currently have available.
> >>
> >>  -Jonathan
> >>
> >
>
> _______________________________________________
> Pd-dev mailing list
> Pd-dev at iem.at
> http://lists.puredata.info/listinfo/pd-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.puredata.info/pipermail/pd-dev/attachments/20130517/d39b04f8/attachment-0001.htm>


More information about the Pd-dev mailing list