code signing and the future of MacPorts
Gerben Wierda
gerben.wierda at rna.nl
Fri Mar 11 15:08:17 UTC 2022
Additionally, I was thinking that the binary downloads of ports might be codesigned. That would prevent people from all having to buy a certificate themselves (and self-signed is not really an option, these are generally ignored, maybe not if you mark them as trusted). You can of course also create your own PKI and add its root cert as trusted in your own systems. There are a few avenues here.
Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
R&A IT Strategy <https://ea.rna.nl/> (main site)
Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>
> On 11 Mar 2022, at 15:16, Gerben Wierda via macports-dev <macports-dev at lists.macports.org> wrote:
>
> I’ve recently moved from macOS Mojave with MacPorts to macOS Monterey with MacPorts
>
> I’ve had serious trouble with the application level firewall (alf/socketfilterfw). I now suspect that one reason is that Apple is getting stricter and stricter about only allowing binaries that have been code signed. This might play more and more havoc with using open source e,g. via MacPorts.
>
> For instance, at this point, I cannot turn on socketfilterfw because it blocks (in weird ways sometimes) my mail server. Even if I allow a certain binary to run, socketfilterfw will report error like the “-67062’ error, which stands for
>
> % security error -67062
> Error: 0xFFFEFA0A -67062 code object is not signed at all
>
> I’ve seen the socketfilterfw either block or not block in that situation. There is not discernible method. It seems macOS becomes more and more unreliable when faced with unsigned apps, which is something that is the default when using open source installs.
>
> Apple itself signs everything. Even simple command line executables now have an embedded signature:
>
> gerben at hermione Downloads % codesign -v -d /bin/echo
> Executable=/bin/echo
> Identifier=com.apple.echo
> Format=Mach-O universal (x86_64 arm64e)
> CodeDirectory v=20400 size=583 flags=0x0(none) hashes=13+2 location=embedded
> Platform identifier=13
> Signature size=4442
> Signed Time=18 Dec 2021 at 18 December 01:20:02
> Info.plist=not bound
> TeamIdentifier=not set
> Sealed Resources=none
> Internal requirements count=1 size=64
>
> There are more and more parts of macOS where the security screws are being tightened more and more and code signing is a key element.
>
> I am therefore wondering if it will become necessary to add code signing to the MacPorts install process, to support it in some way.
>
> Gerben Wierda (LinkedIn <https://www.linkedin.com/in/gerbenwierda>)
> R&A IT Strategy <https://ea.rna.nl/> (main site)
> Book: Chess and the Art of Enterprise Architecture <https://ea.rna.nl/the-book/>
> Book: Mastering ArchiMate <https://ea.rna.nl/the-book-edition-iii/>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macports.org/pipermail/macports-users/attachments/20220311/b219a894/attachment.htm>
More information about the macports-users
mailing list