[Haskell-cafe] Haskell development in Mac OS X after Gatekeeper

Jack Henahan jhenahan at uvm.edu
Mon Feb 20 04:31:32 CET 2012 

As has been mentioned, it's already possible to override Gatekeeper on a per-app basis, and what I've seen so far is that it operates just as the download warning: once you get past the first check, it never bothers you again. Is it unreasonable for your users to open it that way once? As for signing, there's nothing exclusive to Xcode there. Just the `codesign` tool available as usual.


Jack Henahan
jhenahan at uvm.edu
==
Computer science is no more about computers than astronomy is about telescopes.
-- Michael R. Fellows
==
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PublicKey.asc
Type: application/x-apple-msg-attachment
Size: 24255 bytes
Desc: not available
URL: <http://www.haskell.org/pipermail/haskell-cafe/attachments/20120219/75226309/attachment.bin>
-------------- next part --------------

On Feb 19, 2012, at 9:19 PM, Tom Murphy wrote:

> On 2/19/12, Austin Seipp <mad.one at gmail.com> wrote:
>> On Sun, Feb 19, 2012 at 6:01 PM, Tom Murphy <amindfv at gmail.com> wrote:
>>> 0) Distributing non-Cocoa-built apps, even if you're approved by Apple
>> 
>> Do you just mean binaries that you expect users run under
>> /usr/local/bin or something, not app bundles? If that's the case, I
>> cannot say if the same restrictions will apply.
> 
>     Actually, what I was more concerned about was the ability to
> distribute a "full" Mac application, with a GUI, made with a method
> other than calling Haskell from Objective-C.
>     It seems that *none* of these applications will be usable by
> anyone except users with all security settings turned off (it doesn't
> sound great in a user manual: "Every time you run this program, be
> sure to turn the malware-detector all the way off")
> 
>     The reason I'm concerned is that having a security signature
> requires a membership to the Apple Developers program, which is
> exclusively for XCode [0]. Isn't it logical to assume that the
> signature-"bundling" process [1] occurs within XCode?
>     (I'm assuming the "digital summary of the contents of the
> application" is a hash, which (I think) would imply that
> XCode-compilation would have to be the final step in the development
> chain)
> 
>     Which (again, unless I'm reading it wrong) means that most
> Haskell OS X GUI work (incl. FRP) goes out the window?!
> 
> amindfv / Tom
> 
> 
> [0] Not to mention $100 every year!
> 
> [1] "Digital signatures are created by combining a secret key known
> only to the developer with a digital summary of the contents of the
> application. It’s all wrapped together in an encrypted file that
> becomes part of the app."
> 
> _______________________________________________
> Haskell-Cafe mailing list
> Haskell-Cafe at haskell.org
> http://www.haskell.org/mailman/listinfo/haskell-cafe

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://www.haskell.org/pipermail/haskell-cafe/attachments/20120219/75226309/attachment.pgp>

More information about the Haskell-Cafe mailing list