Default to 0644 when IPA entries have no Unix permissions#13
Merged
nythepegasus merged 1 commit intoMay 26, 2026
Merged
Conversation
IPAs zipped on Windows store NTFS attributes in the ZIP external file attributes and leave the Unix mode bits (the high 16 bits of external_fa) unset. unzipArchiveAtURL: then derived a permission of 0 from those entries and applied it with setAttributes:, leaving the extracted files with mode 0000. Subsequent reads during signing failed, surfacing to the user as "You don't have permission". Fall back to 0644 when no Unix mode bits are present so these archives extract with readable permissions. Fixes SideStore/SideStore#447
Author
|
Heads up for reviewers: both CI failures here are pre-existing and unrelated to this change.
The same failures occur on |
Member
|
CI builds aren’t strictly necessary here since we pull this as a dependency to be rebuilt within SideStore anyway, the CI was mostly an attempted formality, so no worries on failures here! |
nythepegasus
pushed a commit
to SideStore/SideStore
that referenced
this pull request
May 26, 2026
Update AltSign to include Windows IPA permissions fix Bumps the AltSign submodule to SideStore/AltSign#13, which makes unzipArchiveAtURL: fall back to 0644 when a ZIP entry carries no Unix mode bits (as produced by Windows zip tooling). Previously these entries extracted with mode 0000 and failed during signing with a "You don't have permission" error. Fixes #447
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
IPAs created with ZIP tooling on Windows store NTFS file attributes in the ZIP
external_fafield and leave the Unix mode bits (the high 16 bits) unset. WhenunzipArchiveAtURL:toDirectory:progress:error:extracts such an archive,(info.external_fa >> 16) & 0x01FFevaluates to0, and that mode is then applied viasetAttributes:. The extracted files end up with mode0000, so the later reads performed while signing the app fail with a permission error — which surfaces to users as "You don't have permission."This is a common report from people building IPAs on Windows.
Fix
When no Unix mode bits are present, fall back to
0644before applying permissions, so the archive extracts with readable files. Archives that carry valid Unix permissions are unaffected.Testing
Built SideStore against this change and installed an IPA that was previously failing with the permission error on a Windows-zipped build; it now extracts and installs cleanly. IPAs produced by Xcode (which carry proper Unix permissions) are unchanged.
Fixes SideStore/SideStore#447