SingleFile Bundler should use the managed Mach-O signer #110055
Labels
area-HostModel
Microsoft.NET.HostModel issues
in-pr
There is an active PR which will close this issue when it is merged
Milestone
The SingleFile bundler should use the managed Mach-O signer. The bundler uses codesign to both remove the signature and sign, and CreateAppHost uses the managed signer. If we enable ad-hoc singing on non-mac, we would have a signature in the singlefile apphost, but wouldn't be able to remove the signature before bundling or resign the final bundle, resulting in an executable with an invalid signature, which seems worse than unsigned.
At the very least, we should use the managed signer to remove the signature in the bundler.
The text was updated successfully, but these errors were encountered: