[OSX] Sign the .app with an Apple developer certificate
Moderator: NBJeff
[OSX] Sign the .app with an Apple developer certificate
Apple's new Gatekeeper feature in Mountain Lion requires .apps to be signed with a developer certificate. You can get around this fairly easily as the user, but it's something you should do for future releases. You will need to sign up for a Mac developer account for 50 quid or so to get a certificate.
The gatekeeper doesn't "require" an app to be signed... It requires it by default but can be disabled. I know you mentioned the user can get around it, but I'm against this politic.
*** Totally off topic here *** To show you I totally agree with you on that matter, personally, I'm very much concerned about what Microsoft is cooking with it's closed windows 8 system, as much as I'm concerned with the fact Apple could block programs that are not signed. I'm against this politic and will not dare to switch to Linux should they end up with such a solution *** End of off topic ***
That being said, I'm against the signed apps. Just a matter for Apple to do even more money. I prefer IV keeps the 50 bucks and do something more useful with it. Oh, and for the short story, I'm under Mountain Lion
*** Totally off topic here *** To show you I totally agree with you on that matter, personally, I'm very much concerned about what Microsoft is cooking with it's closed windows 8 system, as much as I'm concerned with the fact Apple could block programs that are not signed. I'm against this politic and will not dare to switch to Linux should they end up with such a solution *** End of off topic ***
That being said, I'm against the signed apps. Just a matter for Apple to do even more money. I prefer IV keeps the 50 bucks and do something more useful with it. Oh, and for the short story, I'm under Mountain Lion
I don't understand how someone could be against the signed app. One of the things it does is It ensures the executable has not been modified before you run it.
I am certain they will sign it but of course it probably doesn't make sense at this stage. It's not game breaking and we're using an alpha so we shouldn't expect that everything is "final delivery quality".
How could they afford to release an app that a normal person would not be able to run by simply double clicking it? Gatekeeper's a good thing. It has nothing to do with closed systems and everything to do with security.
I am certain they will sign it but of course it probably doesn't make sense at this stage. It's not game breaking and we're using an alpha so we shouldn't expect that everything is "final delivery quality".
How could they afford to release an app that a normal person would not be able to run by simply double clicking it? Gatekeeper's a good thing. It has nothing to do with closed systems and everything to do with security.
-
- level1
- Posts: 13
- Joined: Thu Sep 27, 2012 5:33 am
- Location: United States
- Contact:
Linux has been app signing for years, although as usual it's free-as-in-beer. It's the only way to be sure that you're downloading what the developer says they posted and not something else. The "entry fee" for an apple developer account is so low that the additional security will be hugely helpful. The ability to get the game into the app store worldwide would probably boost sales in excess of the fee for joining the program.
gepeto wrote:I don't understand how someone could be against the signed app. One of the things it does is It ensures the executable has not been modified before you run it.
How could they afford to release an app that a normal person would not be able to run by simply double clicking it? Gatekeeper's a good thing. It has nothing to do with closed systems and everything to do with security.
And you'd be horribly wrong.
gepeto wrote:I don't understand how someone could be against the signed app. One of the things it does is It ensures the executable has not been modified before you run it.
I am certain they will sign it but of course it probably doesn't make sense at this stage. It's not game breaking and we're using an alpha so we shouldn't expect that everything is "final delivery quality".
How could they afford to release an app that a normal person would not be able to run by simply double clicking it? Gatekeeper's a good thing. It has nothing to do with closed systems and everything to do with security.
And Microsoft, who I like, have app signing by choice but just because an app is signed doesn't mean it won't crash. The signing, the certificates can all be faked. Again, it's just a way for Apple to keep in control and make more money from developers.
-
- level0
- Posts: 4
- Joined: Tue Nov 29, 2011 11:43 pm
People say that linux is signing? i would not call chmod signing, it's simply giving users priviliges to execute (or read/write) a file.
I do not like signing apps, i do not like the buisness of doing such things, and i am glad that i switched to linux on my laptop (my desktop is for gaming, and steam isn't on linux... YET)
I do not like signing apps, i do not like the buisness of doing such things, and i am glad that i switched to linux on my laptop (my desktop is for gaming, and steam isn't on linux... YET)
-
- level0
- Posts: 3
- Joined: Wed Sep 26, 2012 7:53 pm
Delusional Logic wrote:People say that linux is signing? i would not call chmod signing, it's simply giving users priviliges to execute (or read/write) a file.
I do not like signing apps, i do not like the buisness of doing such things, and i am glad that i switched to linux on my laptop (my desktop is for gaming, and steam isn't on linux... YET)
No, when you install something from the package manager, you generally get a signed key and hashes are compared to make sure that the file you are downloading matches what the server expects. What you are talking about has nothing to do with signing.
This is different than what MS wants to do with certification (which means the app has passed a series of tests and shouldn't randomly crash or cause problems with Windows or Gatekeeper (which means that the actual binary hasn't been modified). There are some signing implementations for Linux but it's not widely used.
Who is online
Users browsing this forum: No registered users and 11 guests