Help with Unsigned MacPorts App Bundles, on Big Sur and Monterey
Christopher Nielsen
mascguy at rochester.rr.com
Sun Jul 10 13:56:37 UTC 2022
> I’m still very new to the Big Sur and Monterey scene - particularly relative to development - and could use some assistance with the following ticket. But in short, when various apps are run, user files are inaccessible.
>
> https://trac.macports.org/ticket/65302 <https://trac.macports.org/ticket/65302>
>
> Given that our bundles are unsigned, this makes some sense. However, even when apps are granted full disk access via the “Security and Privacy” settings, access is still blocked.
>
> Yesterday I went a step further, and tried adding GateKeeper exceptions for MacPorts apps via ’spctl’. But that doesn’t cut the mustard, either. (Details in the ticket.)
>
> So… thoughts as to how we address this?
After reviewing existing portfiles, it looks like a few are explicitly using ad-hoc signing. And according to Apple’s docs, it sounds (?) like that should be sufficient. (At least for Big Sur and Monterey, anyway. Ventura may be more problematic, but let’s ignore the latter for now.)
Based on some quick tests, though, that doesn’t appear to be effective.
Does anyhow happen to know whether signing the app bundle alone should be enough? Or does every binary/dylib used by a given app, also need to be signed as well?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-dev/attachments/20220710/22d10be5/attachment.htm>
More information about the macports-dev
mailing list