Peter Hudson wrote:
I was looking for a way to observe the code having been hacked - andif it has been, for the app not to run. What is the kill flag and how do I set it ?Could it be reset by someone ?
Take a look at the Code Signing Services Reference: http://developer.apple.com/mac/library/documentation/Security/Reference/CodeSigningRef/Reference/reference.htmlAssuming that you want an application to check its own validity, the basic idea is that you want to get a SecCodeRef for the running app using SecCodeCopySelf, and then validate it against some requirement using SecCodeCheckValidity. If you specify no requirement, it validates only the application's designated requirement.
Using SecCodeCheckValidity, you're validating the application's dynamic state -- i.e. confirming that it has not been modified while running. You can also check the static state using SecStaticCodeCheckValidity.
There was a pretty good presentation on code signing at WWDC'09. If you have access to the WWDC videos, you might want to check it out.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Cocoa-dev mailing list ([email protected]) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [email protected]
