Tests failing on OSX

Ken Thomases ken at codeweavers.com
Wed Sep 21 06:45:08 CDT 2011


On Sep 21, 2011, at 5:59 AM, Francois Gouget wrote:

> On Wed, 21 Sep 2011, Ken Thomases wrote:
> 
>> Anyway, the application firewall is based on code-signing.  The user's 
>> permission to allow a program to accept incoming connections is tied 
>> to the program's signature.
> [...]
>> Since regularly testing Wine entails constantly rebuilding it, the 
>> signature never survives for long and the system asks for permission 
>> with every new build.
> 
> Exactly. So should the application firewall be causing trouble, the only 
> solution would be to disable it :-( I guess there's no way to 
> automatically authorize / sign the application?

You can, but it requires a digital certificate.  I don't know if a self-signed certificate can be used.  I think they can to a certain extent. A program signed with a self-signed certificate will allow for the application firewall to recognize it as the same program which was previously granted permission by the user.  It would require a certificate traceable to a trusted root certificate for the application firewall to _implicitly_ trust the program and not require even the initial permission from the user.

The command-line tool to do the code-signing is "codesign".  There's a man page, of course, and also Apple's documentation:
https://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html

-Ken




More information about the wine-devel mailing list