Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SingleFile Bundler should use the managed Mach-O signer #110055

Open
jtschuster opened this issue Nov 21, 2024 · 0 comments · May be fixed by #110417
Open

SingleFile Bundler should use the managed Mach-O signer #110055

jtschuster opened this issue Nov 21, 2024 · 0 comments · May be fixed by #110417
Assignees
Labels
area-HostModel Microsoft.NET.HostModel issues in-pr There is an active PR which will close this issue when it is merged
Milestone

Comments

@jtschuster
Copy link
Member

The SingleFile bundler should use the managed Mach-O signer. The bundler uses codesign to both remove the signature and sign, and CreateAppHost uses the managed signer. If we enable ad-hoc singing on non-mac, we would have a signature in the singlefile apphost, but wouldn't be able to remove the signature before bundling or resign the final bundle, resulting in an executable with an invalid signature, which seems worse than unsigned.

At the very least, we should use the managed signer to remove the signature in the bundler.

@jtschuster jtschuster added the area-HostModel Microsoft.NET.HostModel issues label Nov 21, 2024
@jtschuster jtschuster added this to the 10.0.0 milestone Nov 21, 2024
@jtschuster jtschuster self-assigned this Nov 21, 2024
@jtschuster jtschuster linked a pull request Dec 9, 2024 that will close this issue
@dotnet-policy-service dotnet-policy-service bot added the in-pr There is an active PR which will close this issue when it is merged label Dec 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area-HostModel Microsoft.NET.HostModel issues in-pr There is an active PR which will close this issue when it is merged
Projects
Status: No status
Development

Successfully merging a pull request may close this issue.

1 participant