Ian Goldberg: > On Mon, Oct 26, 2015 at 06:06:36AM -0700, Mike Perry wrote: >> Essentially, codesign only touches executable binaries in the .app (see >> that second link for info on how the binary's segments get moved around) >> and also adds an SC_Info directory for codesign/DRM metadata. > > Wait; does that mean that things like configuration files, plugins, etc. > are *not* signed? There's a --deep option in `codesign` for this purpose. From the man page: When signing a bundle, specifies that nested code content such as helpers, frameworks, and plug-ins, should be recursively signed in turn. Beware that all signing options you specify will apply, in turn, to such nested content. Best, -- Nima 0XC009DB191C92A77B | @mrphs "I disapprove of what you say, but I will defend to the death your right to say it" --Evelyn Beatrice Hall
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev