-
Notifications
You must be signed in to change notification settings - Fork 4.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
System.Private.CoreLib.dll cannot be opened because the developer cannot be verified #38306
Comments
I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label. |
That is not a workaround for a similar problem. That code is to enable us to map pages from managed R2R compiled assemblies as executable. On Mojave hardened runtime, it is not allowed to create executable mappings directly from a file. So we have to create anonymous mapping that's executable and read the executable section data into it using pread. |
@janvorli My bad, I meant addresses the same problem. In other words, when I do mmap PROT_EXEC for a file with com.apple.quarantine xattr I see similar warning. |
@k15tfu can you please share steps that you do to repro the problem? I have just downloaded that tarball to my Mac Mini with macOS 10.15.5 and then created a hello world app using
And it worked fine. |
@janvorli I found something: for some reason this Steps to reproduce:
|
Ah, so downloading it via Safari causes the trouble. Download via wget from the command line that I was using works fine, it doesn't add the com.apple.quarantine. |
@janvorli Yes, exactly. BTW, why do you use I'm asking because in other case, if IsRunningOnMojaveHardenedRuntime is 1, the problem shouldn't exist. |
@k15tfu I have just noticed you have asked a question long time ago here. I am actually not sure if we really need com.apple.security.cs.allow-unsigned-executable-memory when we are also adding com.apple.security.cs.allow-jit. I've create a new issue #45677 for looking into that and I am closing this one. |
Hi!
When I unpack an official dotnet-sdk-5.0.100-preview.5.20279.10-osx-x64 archive I cannot build a simple app without tons of
*.dll cannot be opened because the developer cannot be verified
warnings for PE files on macOS 10.15. I found some code that uses pread in case of PROT_EXEC when IsRunningOnMojaveHardenedRuntime which looks like a workaround for the same problem (dotnet/coreclr#26193), but it's unclear for me how it's supposed to work with .dll(s) now.Can you shed some light on this? cc @janvorli @jkotas
Deleting com.apple.quarantine xattr helps to get rid of this.
The text was updated successfully, but these errors were encountered: