> On Oct 24, 2014, at 10:11 PM, Landon J Fuller <[email protected]> wrote: > On Oct 24, 2014, at 8:00 PM, Ryan Schmidt <[email protected]> wrote: >>> I agree that a kext requires a higher degree of trust, I just don’t think a >>> single-vendor signing regime is a net win for users. >> >> But that's what Apple's policy in Yosemite seems to be, and it has typically >> been MacPorts strategy to attempt to adopt whatever policy changes Apple >> makes as best we can. > > Historically, Apple’s technological/commercial interests have been more > aligned with the requirements of MacPorts’ user base, and even then, MacPorts > has shipped things that Apple no longer supported because those tools were > still required by MacPorts' users. > > If someone wants to exercise their prerogative to install an unsigned kext, > Apple has already added plenty of barriers. I don’t see what we have to gain > by deleting the ports out from under them, too.
+1 I think Landon's plan seems reasonable (try to get a signing cert - even though we probably won't get one, use the nvram check to print information that helps our users, possibly use developer-signed kexts). -- Daniel J. Luke +========================================================+ | *---------------- [email protected] ----------------* | | *-------------- http://www.geeklair.net -------------* | +========================================================+ | Opinions expressed are mine and do not necessarily | | reflect the opinions of my employer. | +========================================================+ _______________________________________________ macports-dev mailing list [email protected] https://lists.macosforge.org/mailman/listinfo/macports-dev
