I agree.
Now everything will be fine if anybody can use the notarizing stuff with
just an apple id.
> I suppose another approach is to have an upload server that
automatically signs the library contents of a zip file and creates a
notarized dmg for deken using a "shared" Apple developer account. I feel
this leads us to the same potential problem if it is truly open to whoever.
but if there's malware it will fail the notarization. right?
Is it feasible we (open sourced Pd external devs) have an "shared" Apple
developer account?
--
Mensaje telepatico asistido por maquinas.
On 15/10/2022 18:02, Dan Wilcox wrote:
I suggested the approach, but I don't really support us facilitating
the circumvention of a system security feature (or annoyance, based on
your perspective). At the least, it shouldn't be considered Pd's
"standard practice" for macOS, in my opinion.
Hypothetically, what if someone uploads a malicious external to deken,
knowing that someone will blindly download, install, remove
quarantine, and urn it? Is the onus partially on whoever wrote the
plugin as well as the original actor?
I suppose another approach is to have an upload server that
automatically signs the library contents of a zip file and creates a
notarized dmg for deken using a "shared" Apple developer account. I
feel this leads us to the same potential problem if it is truly open
to whoever.
On Oct 14, 2022, at 12:00 PM, pd-list-requ...@lists.iem.at wrote:
Message: 1
Date: Thu, 13 Oct 2022 09:54:52 -0300
From: Lucas Cordiviola <lucard...@hotmail.com>
To: Dan Wilcox <danomat...@gmail.com>, Alexandre Torres Porres
<por...@gmail.com>
Cc: Pd-List <pd-list@lists.iem.at>
Subject: [PD] loading non notarized externals in newer macOS (was:
[hidraw] pre Deken release)
Message-ID:
<ds7pr10mb4845b8566e81247519efed77a6...@ds7pr10mb4845.namprd10.prod.outlook.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
How about a tcl-plugin (available from deken) that is reusable instead
of a script per lib.
Something that you open and choose folder(s) to recursively circumvent
the quarantine in all binaries found. One has to provide the sudo
password in a pop-up dialog.
This plugin can also be part of deken or can be called by deken.
--------
Dan Wilcox
@danomatika <http://twitter.com/danomatika>
danomatika.com <http://danomatika.com>
robotcowboy.com <http://robotcowboy.com>
_______________________________________________
Pd-list@lists.iem.at mailing list
UNSUBSCRIBE and account-management ->
https://lists.puredata.info/listinfo/pd-list