Codesigning everything and combatting malicious code

Michael keybounce at
Thu Mar 24 20:48:46 UTC 2022

I am still on a 10.9.5 system, and I am consistently seeing messages from sandbox in the system log that a certain program, that uses a helper program, cannot receive some messages because of a signing problem.

Would this be helped by using adhoc local signing when installing?

(nb: This is firefox ESR 52.9. Yes, I know it's old. There's no reasonable newer version for this old OS, and upgrading the OS breaks too many things.)

Mar 23 13:47:59 keybounceMBP appleeventsd[140]: <rdar://problem/11489077> A sandboxed application with pid 33358, "Firefox Web Content" checked in with appleeventsd, but its code signature could not be validated ( either because it was corrupt, or could not be read by appleeventsd ) and so it cannot receive AppleEvents targeted by name, bundle id, or signature. Error=ERROR: #-67061  { "NSDescription"="SecCodeCheckValidity() returned -67061, <SecCode 0x7f9963b28ae0 [0x10713af00]>." }  (handleMessage()/appleEventsD.cp #2072) client-reqs-q

Mar 23 13:47:59 keybounceMBP plugin-container[33358]: Failed to allocate communication port for; this is likely due to sandbox restrictions

More information about the macports-dev mailing list