

Apple has decided to introduce a new signing scheme in the upcoming Mac OS X 10.9.5 maintenance release. The good news is that the new signature is much better from a security point of view. The utility of the old signature was highly questionable, because it allowed unsigned and modifiable files in the application bundle. An attacker could change the JAR files in the application bundle and the signature of the application bundle would remain valid.

The bad news is that all existing signatures are going to break. Only applications with a v2 signature will be accepted by Gatekeeper starting with Mac OS X 10.9.5. On the upside, the v2 signature is backwards compatible with older versions of Mac OS X. This means that if your application bundle is signed with the new scheme it will work in Mac OS 10.8, 10.9 and 10.10 – and hopefully even with future versions of Mac OS X. We have implemented v2 signatures in install4j 5.1.13, so you can already create application bundles that will work with the upcoming disruptive releases of Mac OS X. However, this change may have consequences for your install4j projects:

The application bundle that is installed by a “Mac OS X single bundle” installer cannot be signed anymore. The installer installs variable files into the bundle and of course it cannot update the signature of the bundle. Previously all these files did not influence the signature (you can see that this was a bad idea), but now everything in the bundle must be signed. If you really need a signed launcher, you have to switch to the “Mac OS X single bundle” archive. vmoptions files in signed bundles cannot be changed anymore without breaking the signature. If you rely on the validity of the signature of the application bundle, you have to ensure that these files remain untouched. This applies to single bundle and folder archives as well as to the folder installer with signed launchers enabled. To make the correct decisions, you have to understand that a signature is only required for the file that the user downloads from the internet.
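The two effects described on this page (files left outside the old signature could be changed unnoticed, while under the new scheme even a vmoptions edit breaks the signature) can be reproduced with a simplified hash-manifest model. This is an added example, not install4j or Apple code: it does not reproduce the real code-signature format, and the bundle layout and the names `seal`, `verify` and `demo` are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path

def files_in(bundle):
    """Map bundle-relative path -> Path for every regular file."""
    return {p.relative_to(bundle).as_posix(): p
            for p in bundle.rglob("*") if p.is_file()}

def seal(bundle, covered=None):
    """Build a SHA-256 manifest. covered=None seals every file; a set of
    relative paths seals only those (partial coverage)."""
    return {rel: hashlib.sha256(p.read_bytes()).hexdigest()
            for rel, p in sorted(files_in(bundle).items())
            if covered is None or rel in covered}

def verify(bundle, manifest, strict):
    """Return sorted (problem, path) pairs; strict also flags unsealed files."""
    present = files_in(bundle)
    problems = []
    for rel, digest in manifest.items():
        if rel not in present:
            problems.append(("missing", rel))
        elif hashlib.sha256(present[rel].read_bytes()).hexdigest() != digest:
            problems.append(("modified", rel))
    if strict:
        problems += [("unsealed", r) for r in present if r not in manifest]
    return sorted(problems)

def demo():
    """Seal a constructed bundle two ways, change two files, verify both."""
    jar, vmopts = "Contents/Resources/app/demo.jar", "Contents/vmoptions.txt"
    layout = {"Contents/MacOS/launcher": b"launcher", jar: b"original jar",
              vmopts: b"-Xmx256m\n"}  # constructed sample, not a real bundle
    with tempfile.TemporaryDirectory() as tmp:
        app = Path(tmp) / "Demo.app"
        for rel, data in layout.items():
            (app / rel).parent.mkdir(parents=True, exist_ok=True)
            (app / rel).write_bytes(data)
        partial = seal(app, covered={"Contents/MacOS/launcher"})
        full = seal(app)
        (app / jar).write_bytes(b"tampered jar")   # post-signing modification
        (app / vmopts).write_bytes(b"-Xmx1g\n")    # routine local tweak
        return {"partial": verify(app, partial, strict=False),
                "full": verify(app, full, strict=True)}

if __name__ == "__main__":
    for model, problems in demo().items():
        print(model, problems or "signature still verifies")
```

On a Mac, the real check on a signed bundle is `codesign --verify --deep --strict` followed by the path to the `.app`.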
