Apple ARM binary codesign issue

[Ryan Schmidt]

On Sep 22, 2020, at 14:52, Ken Cunningham wrote:

> On 2020-09-22, at 11:58 AM, Ryan Schmidt wrote:
>> 
>> I hope that Apple fixes their toolchain to work without such intervention.
> 
> I believe this may ultimately come under the category of "intended behaviour". 

To me it seems unrealistic for Apple to suggest that an infinite number of open source projects, many of whose developers have never seen a Mac, should now add code to their build systems to codesign things on macOS. Apple made a point of stating during WWDC that they love open source software; imposing busy work on the open source community is not a good way to show that love.

Part of the problem is that I don't understand what codesigning is for. I understand that for distribution in the app store I would codesign an app with my identity. Apple can then revoke apps I've signed if it turns out I've released malicious software. Great, but here we're not talking about signing with an identity, we're talking about ad-hoc signing. All that proves is that the binary hasn't been modified. That's good; it'll protect against corrupted files getting used. But how would it stop malicious code? Couldn't the malicious party just codesign it again after changing it?