[vlc-devel] OSX, deep codesigning and plugins.dat

Matej Knopp matej.knopp at inmethod.com
Sun Dec 14 12:12:26 CET 2014


Hi Felix,

On Sun, Dec 14, 2014 at 11:17 AM, Felix Paul Kühne <fkuehne at videolan.org> wrote:
> Hello Matej,
>
>> On 14 Dec 2014, at 00:18, Matej Knopp <matej.knopp at inmethod.com> wrote:
>>
>> Hi,
>>
>> modifying codesigned bundle is no longer valid with deep codesigning
>> so adding plugins.dat invalidates bundle signature.
>>
>> codesign -v --deep-verify VLC.app
>>
>> outputs
>>
>> VLC.app: a sealed resource is missing or invalid
>>
>> (it returns without error until the first time app is executed)
>>
>> Shouldn't the plugins.dat be moved outside the bundle?
>
> Yes, it should. But then again, the signature should be verified prior to the first launch creating the plugin cache, so the signature failure would be detected only if you package a VLC binary with a plugin cache, transfer it to another Mac in a way which enables GateKeeper (aka upload + download via endorsed web browser) and try to install it.

That is true of course, although there are no guarantees this won't
change in future. However there is a potentially bigger issue: If you
run the VLC executable from Terminal (i.e. command line transcoding),
it will trigger plugin.dat generation, but it will not remove the
com.apple.quarantine flag. So when you try to launch VLC bundle after
that, the verification will fail and user will be warned that VLC is
damaged with suggestion to Move it to Trash.

Cheers,
Matej

>
> However, you are right, the cache should be moved.
>
> Best regards,
>
> Felix
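
As an added illustration, not code from this thread or from VLC: a simplified Python model of a sealed bundle (a path-to-SHA-256 manifest, not Apple's actual CodeResources format) showing why a plugins.dat written inside VLC.app fails verification while one written outside the bundle does not. The bundle layout, the file names other than plugins.dat, and the Caches path are assumptions.

```python
import hashlib
import tempfile
from pathlib import Path


def seal(bundle: Path) -> dict:
    """Record a SHA-256 digest for every file in the bundle (the signing step)."""
    return {
        p.relative_to(bundle).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(bundle.rglob("*")) if p.is_file()
    }


def verify(bundle: Path, manifest: dict) -> list:
    """Return every way the bundle differs from its seal; an empty list means valid."""
    current = seal(bundle)
    problems = [f"added: {f}" for f in current if f not in manifest]
    problems += [f"missing: {f}" for f in manifest if f not in current]
    problems += [f"modified: {f}" for f in manifest
                 if f in current and current[f] != manifest[f]]
    return sorted(problems)


def demo() -> tuple:
    """Verify a constructed bundle as shipped, with the cache inside, and outside."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        bundle = root / "VLC.app"
        plugins = bundle / "Contents" / "MacOS" / "plugins"   # assumed layout
        plugins.mkdir(parents=True)
        (bundle / "Contents" / "MacOS" / "VLC").write_bytes(b"constructed binary")
        (plugins / "libdemo_plugin.dylib").write_bytes(b"constructed plugin")
        manifest = seal(bundle)
        as_shipped = verify(bundle, manifest)

        cache = plugins / "plugins.dat"           # first run writes into the bundle
        cache.write_bytes(b"constructed cache")
        cache_inside = verify(bundle, manifest)

        cache.unlink()                            # same cache, kept outside the bundle
        outside = root / "Caches" / "org.videolan.vlc"        # assumed location
        outside.mkdir(parents=True)
        (outside / "plugins.dat").write_bytes(b"constructed cache")
        cache_outside = verify(bundle, manifest)
        return as_shipped, cache_inside, cache_outside


if __name__ == "__main__":
    for label, result in zip(("as shipped", "cache inside", "cache outside"), demo()):
        print(f"{label}: {result or 'valid'}")
```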