Tuesday, November 8, 2016

Check macOS applications' and installers' digital signatures

https://developer.apple.com/library/content/technotes/tn2206/_index.html

This command:

$ codesign --verify --deep --strict --verbose=2 Foo.app

mimics what Gatekeeper does to check your app.

You can also use the check-signature tool to check both apps and installer packages. Mount the disk image, then run the tool like this:

$ cd "/Volumes/Signature Check"
$ ./check-signature /Path/to/Foo.app /Path/to/Bar.pkg

For each target, the tool will present a simple YES answer if the signature meets Gatekeeper requirements, or NO if it does not.
Read the error messages carefully, with particular attention to the "in subcomponent:" part which, if present, tells you which nested code is giving you problems.
Understand that this validation will stop on many errors, and thus you must repeat it until you run out of problems.

You can also use the spctl tool to check if Gatekeeper will accept your app's signature. spctl is a command-line interface to the same security assessment policy subsystem that Gatekeeper uses.
Like Gatekeeper, spctl will only accept Developer ID-signed apps and apps downloaded from the Mac App Store by default. It will reject apps signed with Mac App Store development or distribution certificates.

Run spctl on your app like this:

$ spctl -a -t exec -vv Foo.app

This is the output if your app's signature will be accepted:

Foo.app: accepted
source=Developer ID

source will be Mac App Store for apps downloaded from the Mac App Store.
If spctl shows any result other than accepted, you must re-sign your app on Mavericks or later to ensure Gatekeeper compatibility.

Check Apple macOS disk image signatures

https://developer.apple.com/library/content/technotes/tn2206/_index.html

$ spctl -a -t open --context context:primary-signature -v MyImage.dmg
/Users/me/Downloads/MyImage.dmg: accepted
source=Developer ID
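The following script is an added example and is not code from Apple's TN2206 or from this post: it wraps the checks from both sections above (codesign --verify --deep --strict for bundles, then spctl -a with the assessment type matching the target: exec for .app, install for .pkg, open with the primary-signature context for .dmg) and reduces spctl's output to a single accepted/rejected line with its source. The function names, the "verdict: source" output format, and the use of -t install for .pkg files are this example's own choices; the spctl and codesign invocations themselves are the ones shown in the post. check_target needs macOS (it returns 2 elsewhere); the two helper functions are pure and run on any POSIX sh.

```shell
#!/bin/sh
# Added example (not Apple's or the post's code): run the Gatekeeper-style checks
# described above and summarise the result. Function names are this example's own.

# Map a target's extension to the spctl assessment arguments used for it.
spctl_args_for() {
    case "$1" in
        *.app) echo "-t exec" ;;
        *.pkg) echo "-t install" ;;
        *.dmg) echo "-t open --context context:primary-signature" ;;
        *)     return 1 ;;
    esac
}

# Reduce "spctl -a -v" output read from stdin to "accepted: <source>" or
# "rejected: <source>", using the "source=" line that -v (or -vv) prints.
parse_spctl_verdict() {
    verdict=unknown
    src="no source line"
    while IFS= read -r line; do
        case "$line" in
            *": accepted")  verdict=accepted ;;
            *": rejected"*) verdict=rejected ;;
            source=*)       src="${line#source=}" ;;
        esac
    done
    echo "$verdict: $src"
}

# Check one target. Exit status: 0 accepted, 1 rejected/unsupported, 2 no tooling.
check_target() {
    target="$1"
    command -v spctl >/dev/null 2>&1 || { echo "spctl not available (macOS only)"; return 2; }
    args=$(spctl_args_for "$target") || { echo "unsupported target: $target"; return 1; }
    case "$target" in
        *.app)
            # Same deep/strict verification Gatekeeper performs; --verbose=2 reports
            # the failing nested code in an "in subcomponent:" line on stderr.
            if ! codesign --verify --deep --strict --verbose=2 "$target" 2>&1; then
                echo "$target: rejected: codesign verification failed"
                return 1
            fi ;;
    esac
    # $args is intentionally left unquoted so it word-splits into separate flags.
    result=$(spctl -a $args -v "$target" 2>&1 | parse_spctl_verdict)
    echo "$target: $result"
    case "$result" in accepted:*) return 0 ;; *) return 1 ;; esac
}

# Usage: ./gatekeeper-check.sh Foo.app Bar.pkg MyImage.dmg
if [ "$#" -gt 0 ]; then
    status=0
    for t in "$@"; do check_target "$t" || status=1; done
    exit "$status"
fi
```

Because check_target runs codesign before spctl, a bundle whose nested code fails verification is reported as rejected even when the outer signature would pass, which matches the "repeat until you run out of problems" advice above.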
