On Oct 15, 2009, at 8:51 AM, Charles Srstka wrote:
Presumably, this would be more noticeable to the user than simply copying a binary file inside an opaque app bundle that most users never look inside.
The malicious code could also break the code sign checking APIs to always return 'true'.
When you aren't certain if the code your running is yours, you can't trust anything that it does, including telling you it is valid.
-- David Duncan Apple DTS Animation and Printing _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
