Questions about code signing

kevin beckford chiggsy at
Fri Feb 4 12:34:47 PST 2011

On Mon, Jan 31, 2011 at 9:09 AM, Michael_google gmail_Gersten
<keybounce at> wrote:
> Here's a quick question on task_for_pid() (it seems to be at the heart of this):

By the way, I fixed that code signing problem, was actually pretty easy:

I got a safari dev membership, and setup a cert + key ( an "identity" )

then:  sudo codesign  -s  "enough of your identity to be unique"
/opt/local/bin/tmux  # Works.

codesign  -s  "enough of your identity to be unique"
/Applications/  # Works.

Key:  Don't do it as root. Your ID is under your name. I tend to run a
lot using sudo zsh (root) .  Foolish of me.


The current situation is that unsigned code raises a warning.  Apple
makes 30% on software through the app store, and the mechanism is in
place to disable unsigned binaries.  The lack of docs about all this
stuff is ... disturbing, to say the least.  It's the firewall!   Ipfw
goes back on.  AppFirewall is a good idea, but there must be a 3rd
party implementation of a socketfilter.

I wonder how easy it will be to run open source software on Lion?  I'm
thinking harder.

More information about the macports-users mailing list