Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add kext codesignatureVerification #264

Closed
wants to merge 1 commit into from
Closed

Add kext codesignatureVerification #264

wants to merge 1 commit into from

Conversation

arubdesu
Copy link
Member

@arubdesu arubdesu commented Apr 3, 2016

Currently the CodeSigVerifier processor only allows app bundles to have the code signature checked. This expands file types to allow signed kexts to be checked as well.

@arubdesu
Add kext codesignatureVerification
33f9d02 
Currently the CodeSigVerifier processor only allows app bundles to have
their code signature checked. This expands file types to allow signed
kexts to be checked as well.
@arubdesu
Copy link
Member Author

arubdesu commented Apr 3, 2016

Paging @hjuutilainen

@gregneagle
Copy link
Contributor

Where are you finding a "naked" kext? They should be inside signed pkgs....

@arubdesu arubdesu mentioned this pull request Apr 3, 2016
Closed
@arubdesu
Copy link
Member Author

arubdesu commented Apr 3, 2016

Santa's pkg isn't signed at present, so I'd need to check their .app bundle and .kext individually. I'm commenting out the relevant part of the recipe for now, and have pinged those folks to see if they could release signed pkgs in the future.

@hjuutilainen
Copy link
Contributor

I'm fine with this change. I'd even support the decision to only check file extensions for passing to pkgutil and feed everything else to codesign. At some point I'd like to separate these two kind of signature checks to their own processors but that's a discussion for a whole different PR.

@arubdesu
Copy link
Member Author

This is resolved in my recipe, we can close this and say 'whenever Hannes is inspired to update the processor he'll do so'.

@arubdesu arubdesu closed this May 10, 2016
@arubdesu arubdesu deleted the add-kext-codesigverif branch June 10, 2016 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@arubdesu @gregneagle @hjuutilainen