Post not yet marked as solved
Whenever I'm trying to open Eclipse or SpringToolSuite 4 I'm getting the same permission related issues It was working fine a day before yesterday but now It's showing weird stuff.
You do not have permission to open the application “SpringToolSuite4”.
You do not have permission to open the application “Eclipse”.
If anyone has any solutions please share
Post not yet marked as solved
Hello,
TLDR; Are there any guidelines (Apple or 3rd party) to deploy a Python + QT + PyInstaller app on macOS App Store?
Why should we have one? Python is currently the most popular language, QT is the most popular desktop app platform to use with Python and PyInstaller is pretty much the only game in town to package this type of app for macOS.
Problem: By following the guidance on several forums and many sleepless nights we were able to package and notarize the app. However, when we submit the .pkg for review using Transporter we get ~200 signature errors in an email like the below. Pretty much for all .so .dylib files except ours where we individually signed with a script as recommended.
We are aware of the famous "Signing a Mac Product For Distribution" forum post, yet we don't know how not to use --deep to sign since we use several popular 3rd party libraries from PyPi (pip install) and leaving out --deep will even prevent notarization. And clearly, --deep is not working for the App Store scenario.
A solution that comes to mind is to write a script and create a complex 3rd party library dependency graph (200+) so we can sign them inside out in the perfect order. We don't believe this is a a feasible option.
Are we missing something? any help is appreciated..
Thanks,
Hakan
Sample error messages:
ITMS-90238: Invalid Signature - The executable at path MyApp.app/Contents/MacOS/pandas/_libs/algos.cpython-39-darwin.so has following signing error(s): valid on disk /Volumes/data01/app_data/awf/mz_5486667331891756409dir/mz_14480180029087919630dir/com.company.app.pkg/Payload/MyApp.app/Contents/MacOS/pandas/_libs/algos.cpython-39-darwin.so: satisfies its Designated Requirement test-requirement: code failed to satisfy specified code requirement(s) . Refer to the Code Signing and Application Sandboxing Guide at ... at ... for more information.
ITMS-90238: Invalid Signature - The executable at path MyApp.app/Contents/MacOS/PyQt5/Qt5/plugins/imageformats/libqico.dylib has following signing error(s): valid on disk /Volumes/data01/app_data/awf/mz_5486667331891756409dir/mz_14480180029087919630dir/com.company.app.pkg/Payload/MyApp.app/Contents/MacOS/PyQt5/Qt5/plugins/imageformats/libqico.dylib: satisfies its Designated Requirement test-requirement: code failed to satisfy specified code requirement(s) . Refer to the Code Signing and Application Sandboxing Guide at ... and Technical Note 2206 at ... for more information.
Post not yet marked as solved
I have an electron app that is signed and notarized. If I zip the app and send it to myself (AirDrop, Dropbox, etc.) it is quarantined (as expected) and it is unable to read files/directories outside of itself.
The app has an external config folder that it must read:
Parent_Folder (Unzipped)
|- CONFIG
|- myApp.app
When I launch the app, I don't receive a prompt to allow access to the downloads folder, and as a result, it can't read the CONFIG folder.
However, I can fix it in one of two ways:
Move the .app file (anywhere) and then move it back.
xattr -d com.apple.quarantine myApp.app
After I complete either one of these steps, I can launch the app and then I receive the prompt to allow access. After that, smooth sailing.
What am I missing? I expected that once the user clicks "Open anyway" when presented with the quarantine prompt that it would work.
I have no problems launching the app, but it doesn't have the required permissions until I complete step 1 or 2.
Edit: Even if the permission is already granted (from a previous attempt) it doesn't work until I complete step 1 or 2.
PackageKit:
Begin install
8 Dec 14 10:33:18 loca lhost installd [51841: Packagekit: PKInformsystemPolicyInstal1operation failed with error:An error occurred while registering installation with Gatekeeper
Post not yet marked as solved
I need to distribute my MacOS app to users at my institution so I packaged and signed it with “productbuild” as such:
I generated the signing key in the Developer portal by choosing the “Mac Installer Distribution” type downloaded it and added it to my keychain. Then I ran this command:
> productbuild --sign "3rd Party Mac Developer Installer (XXXXXXXXXX)" \
> --component InstallTkiCliClient.app /Applications InstallTkiCliClient.pkg
I placed the file in an S3 bucket and downloaded it with Safari. When I open it, I get the dialog that says ‘“AppName.pkg” cannot be opened because it is from an unidentified developer.’ and I have no option but to cancel the operation.
I know the “trick” of ctrl-clicking the file and choosing “Open With” to bring up a dialog that has an option to open the app. That is not my problem. I wanted to avoid this problem for persons that download it so that is why I did all this in the first place.
I did try using “productsign” as well, but that didn’t fix anything which was not a surprise.
> productsign --sign "3rd Party Mac Developer Installer (XXXXXXXXXX)" \ \
> InstallTkiCliClientInstaller.pkg \
> InstallTkiCliClientInstallerSigned.pkg
Can someone figure out what I did wrong? Did I miss a step?
Post not yet marked as solved
What is the purpose of Apple Development and Apple Distribution certificates for macOS application?It is quite new types of certificates in addition to existing iOS/Mac Development/Distribution.According to the documentation https://help.apple.com/xcode/mac/current/#/dev154b28f09?sub=dev23755c6c6Apple Development — For macOS apps, use app services during development and testing.Apple Distribution — For macOS apps, sign an app before distributing it through the Mac App Store.What does it mean sign an app before distributing because for distributing it through the Mac App Store I have to use Mac App Distribution (the name is `3rd Party Mac Developer Application`) and Mac Installer Distribution (the name is `3rd Party Mac Developer Installer`).
Hi,
I am writing a "Network Extension" (NEPacketTunnelProvider) app for macos. I am using "Developer ID" signing for my Macos app. But it crashes after I start it on my mac. I have already gone through the notarization.
Thanks
Time Awake Since Boot: 13000 seconds
Time Since Wake: 11000 seconds
System Integrity Protection: enabled
Crashed Thread: 0
Exception Type: EXCCRASH (Code Signature Invalid)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXCCORPSENOTIFY
Termination Reason: Namespace CODESIGNING, Code 0x1
kernel messages:
VM Regions Near 0 (cr2):->
TEXT 0000000104aaa000-0000000104b32000 [ 544K] r-x/r-x SM=COW
Thread 0 Crashed:
0 @ Z 0x000000010ddb9000 dyld_start + 0
Thread 0 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000000000 rdx: 0x0000000000000000
rdi: 0x0000000000000000 rsi: 0x0000000000000000 rbp: 0x0000000000000000 rsp: 0x00007ffeeb155b70
r8: 0x0000000000000000 r9: 0x0000000000000000 r10: 0x0000000000000000 r11: 0x0000000000000000
r12: 0x0000000000000000 r13: 0x0000000000000000 r14: 0x0000000000000000 r15: 0x0000000000000000
rip: 0x000000010ddb9000 rfl: 0x0000000000000200 cr2: 0x0000000000000000
Logical CPU: 0
Error Code: 0x00000000
Trap Number: 0
I have an MacOS App that get's accepted by Transporter/App Store Connect and is available to download in TestFlight. The App also installs fine. But when I try to open it I get this error:
“libgdx64.dylib” can’t be opened because Apple cannot check it for malicious software.
This software needs to be updated. Contact the developer for more information.
When I click "Show in Finder" I get taken to this folder:
/private/var/folders/cs/bqb_3kr17f35kbtv34cw7s700000gn/T/<AppBundleID>/libgdxmayr/231c5cdb/libgdx64.dylib
When I try to pen this file in any capacity, e.g. in a hex editor, I get this error:
“libgdx64.dylib” is damaged and can’t be opened. You should move it to the Bin.
This is weird to me for multiple reasons. When I compare(with the diff command) the file to the original file in the package I sent to App Store Connect, there is no difference at all. And when I manually replace the broken file in the /private/var/folders/... directory with the working one, the file still gets marked as damaged, even though it worked a second earlier outside of that location.
The file actually gets copied to two other places as well.
1:
/private/var/folders/cs/bqb_3kr17f35kbtv34cw7s700000gn/T/<AppBundleID>/231c5cdb259220476539382411.tmp
This also is on a byte level the exactly same file as libgdx64.dylib.
2:
/Users/mayr/Library/Containers/69A9AB69-9ECB-4B55-A715-1A28FC7168B6/Data/.libgdx/231c5cdb/libgdx64.dylib
This location specifically seems to be a App Sandbox location, so I suppose the whole problem has to do with the Sandbox.
More Context:
The file libgdx64.dylib originally lives in a jar file in the Apps Resources folder. The file belongs to a java game engine framework, called libgdx. I have signed it myself and the signature persists, even to the 3 broken files.
No other files neither in my own code, nor from the framework, get copied anywhere. Only this specific dylib behaves this way.
When I click "OK" on the first popup, two others appear, for the other two files I mentioned earlier. If I say OK to all of them and approve all of them in the System Settings -> Security & Privacy Settings, the app starts as it normally would. So maybe it is also a signing issue, but as I wrote, I signed the file and the signature is visible on the broken files.
Post not yet marked as solved
i have osx 12.1 installed, latest Xcode and Command line tools.
i also have installed MAMP Pro. i have to install some perl modules. when i use perl from osx it works.
when i try to use perl that comes with MAMP i got the following error:
/Application/MAMP/Library/bin/cpan
install HTML::Parser
....
t/uentities.t .......... Can't load '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' for module HTML::Parser: dlopen(/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle, 0x0002): tried: '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' (code signature in <F2C6AAD0-D2A8-34D6-A697-A817A2334036> '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/usr/lib/Parser.bundle' (no such file) at /Applications/MAMP/Library/lib/perl5/5.30.1/darwin-thread-multi-2level/DynaLoader.pm line 197.
this must have something to do with code signing or gatekeeper.
this error comes even if i try to do it manually:
/Applications/MAMP/Library/bin/perl Makefile.PL
Checking if your kit is complete...
Looks good
Generating a Unix-style Makefile
Writing Makefile for HTML::Parser
Writing MYMETA.yml and MYMETA.json
make
cc -mmacosx-version-min=10.12 -bundle -undefined dynamic_lookup -L/usr/local/lib -fstack-protector-strong Parser.o -o blib/arch/auto/HTML/Parser/Parser.bundle \
\
chmod 755 blib/arch/auto/HTML/Parser/Parser.bundle
make test
....
t/uentities.t .......... Can't load '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' for module HTML::Parser: dlopen(/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle, 0x0002): tried: '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' (code signature in <F2C6AAD0-D2A8-34D6-A697-A817A2334036> '/Users/markus/.cpan/build/HTML-Parser-3.76-0/blib/arch/auto/HTML/Parser/Parser.bundle' not valid for use in process: mapped file has no cdhash, completely unsigned? Code has to be at least ad-hoc signed.), '/usr/lib/Parser.bundle' (no such file) at /Applications/MAMP/Library/lib/perl5/5.30.1/darwin-thread-multi-2level/DynaLoader.pm line 197.
ll blib/arch/auto/HTML/Parser/Parser.bundle
-rwxr-xr-x 1 markus staff 71960 22 Dez 09:37 blib/arch/auto/HTML/Parser/Parser.bundle
Post not yet marked as solved
Hi,I recently started to add notarization to our build script. By this, apps are built, signed, packaged and notarized every hour, given that some developer has changed something.Now, the notarization emails annoying me. For every build I get such "Your Mac software was successfully notarized." email. If something fails, my build script will send me an email anyway. I really do not need this notarization emails.Is there a way to turn this off?
Post not yet marked as solved
I've just bought a new MacBook Pro M1, and restored everything from my old Intel MacBook Pro using a Time Machine backup.
It was a pretty smooth process, a few glitches such as needing to re-download certain apps to get the M1 version (e.g. Android Studio).
One thing that I've noticed, and I don't know whether this is a Monterey thing or an M1 thing but as part of my day-to-day development work, I maintain various .sh files for building projects on different platforms.
I have found that as soon as I edit and save an existing .sh file using TextEdit, it then sets the quarantine bit on the file and prevents it running from inside Zsh:
zsh: operation not permitted: ./test.sh
xattr yields the following:
xattr ./test.sh
com.apple.TextEncoding
com.apple.lastuseddate#PS
com.apple.macl
com.apple.metadata:kMDLabel_pjtfm5adga5rvjv2xmgkyqjwmq
com.apple.quarantine
This is incredibly annoying and I can't believe it is by design - this is not a file that has been downloaded from the Internet, it's my own file. Why can't I edit it using TextEdit?
I do not get the same problem when I edit and save using Sublime Text, as one example, so what's with TextEdit doing that?
I have an app I developed for internal company use outside of xcode (python/pyinstaller based application). The app is a normal double-clickable application with the usual internal structure, as far as I can tell. In order to ease deployment, I figured I'd go ahead and code sign it using my Developer ID, which I did with the following command:codesign --deep -f -s "Developer ID Application" SO2\ Explorer.appWhich ran without complaint. I can then check that it was applied using the command:codesign -dv --strict --verbose=4 SO2\ Explorer.appwhich gives the following output:Executable=/Users/israel/Desktop/SO2 Explorer.app/Contents/MacOS/SO2 Explorer
Identifier=edu.alaska.avo.so2explorer
Format=app bundle with Mach-O thin (x86_64)
CodeDirectory v=20200 size=26842 flags=0x0(none) hashes=833+3 location=embedded
VersionPlatform=1
VersionMin=657152
VersionSDK=658176
Hash type=sha256 size=32
CandidateCDHash sha1=d0fd8ca348696e3e8ed218658a4a19de0f0fa346
CandidateCDHash sha256=c45d6c5c00a7dd457a55c37828f3b3953049f8dd
Hash choices=sha1,sha256
Page size=4096
CDHash=c45d6c5c00a7dd457a55c37828f3b3953049f8dd
Signature size=9012
Authority=Developer ID Application: Israel Brewster (59ED27HUEF)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Mar 21, 2019 at 2:19:59 PM
Info.plist entries=10
TeamIdentifier=59ED27HUEF
Sealed Resources version=2 rules=13 files=1222
Internal requirements count=1 size=188which all looks good to me. However, if I check it using the spctl tool:spctl --assess -v --raw SO2\ Explorer.appthe application is rejected:SO2 Explorer.app: rejected (the main executable or Info.plist must be a regular file (no symlinks, etc.))
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>assessment:authority</key>
<dict>
<key>assessment:authority:flags</key>
<integer>0</integer>
<key>assessment:authority:source</key>
<string>obsolete resource envelope</string>
<key>assessment:authority:weak</key>
<true/>
</dict>
<key>assessment:cserror</key>
<integer>-67015</integer>
<key>assessment:remote</key>
<true/>
<key>assessment:verdict</key>
<false/>
</dict>
</plist>And, in fact, if I try to run the app on a machine with gatekeeper enabled, you do get the "can not open this app due to unidentified developer" warning.What's the problem here, and how do I fix it? The first line of output would seem to indicate that it thinks that either the main executable or Info.plist file is not a regular file, but that is not the case - both are regular files:israel$ ls -l SO2\ Explorer.app/Contents/Info.plist
-rw------- 1 israel staff 436 Mar 21 14:07 SO2 Explorer.app/Contents/Info.plist
israel$ file SO2\ Explorer.app/Contents/Info.plist
SO2 Explorer.app/Contents/Info.plist: Apple binary property list
israel$ ls -l SO2\ Explorer.app/Contents/MacOS/SO2\ Explorer
-rwxr-xr-x 1 israel staff 3471792 Mar 21 14:19 SO2 Explorer.app/Contents/MacOS/SO2 Explorer
israel$ file SO2\ Explorer.app/Contents/MacOS/SO2\ Explorer
SO2 Explorer.app/Contents/MacOS/SO2 Explorer: Mach-O 64-bit executable x86_64I'm also noting the entry about "obsolete resource envelope", though I don't know if that means anything.Any thoughts? Thanks!
Post not yet marked as solved
Hi,I develop a tool which has to come as PKG installer to the customers by download. The tool is built automatically. Thus, no manual XCode signing but using a Makefile with productsign:$ productsign --sign "Developer ID Installer: company (P5L99xxxxx)" unsigned.pkg signed.pkgFinally, everything seems fine and this is what the test with spctl returns:$ spctl --assess --verbose --type install mac/signed.pkg
mac/signed.pkg: accepted
source=Developer IDI also tried to verify using pkgutil:$ pkgutil --check-signature mac/signed.pkg
Status: signed by a certificate trusted by Mac OS X
Certificate Chain:
1. Developer ID Installer: company (P5L99xxxxx)
SHA1...
2. Developer ID Certification Authority
SHA1...
3. Apple Root CA
SHA1...For me it looks all good but all the customers will get the message"signed.pkg" can't be opened because it is from an unidentified developer.If such customer is calling the above spctl call after he got the warning, his tool also reports "accepted". Upon this, it no longer complains any more.You can try by yourself by downloading the signed app from here: http://www.regify.com/DOWNLOAD/beta/ (please test the regibox .pkg file)I tried several certificates and already learned that the "3rd Party Mac Developer Installer" certificate is wrong and only for tests. Thus, I exported the "Developer ID Installer: company..." certificate from XCode and used this (as seen above). But it does not work :-(What's wrong?Best,Kukulkan
Post not yet marked as solved
Hi,
I am working on an application that stays stuck at the verifying phase when launched on 10.14, but launches just fine on 10.15 and up. The application is signed with codesign. The enclosure is a dmg, codesigned too, notarized and stapled. I can't figure out why the application verification stays stuck. Any debugging advice on that would be much appreciated.
Thanks.
Post not yet marked as solved
I have a small command-line tool (a service) that gets compiled by Xcode, then I'm signing it during a Run Script phase. When I try to run it, it gets "Killed".
Here's the signing command:
% /usr/bin/codesign -s "Developer ID Application: ..." --keychain "/Users/.../Library/Keychains/login.keychain" --timestamp -f -o runtime --entitlements /Code/.../mytool.entitlements /Code/.../mytool
I've got an Info.plist and entitlements for it.
% codesign -vvvv ./mytool
./mytool: valid on disk
./mytool: satisfies its Designated Requirement
% codesign -dvv ./mytool
Executable=.../mytool
Identifier=com.myorg.mytool
Format=Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=10271 flags=0x10000(runtime) hashes=310+7 location=embedded
Signature size=8952
Authority=Developer ID Application: ...
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Dec 8, 2021 at 6:28:25 PM
Info.plist entries=19
TeamIdentifier=...
Runtime Version=12.0.0
Sealed Resources=none
Internal requirements count=1 size=180
When I run spctl I get:
% spctl -a -v --raw ./mytool
./mytool: rejected (the code is valid but does not seem to be an app)
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>assessment:authority</key>
<dict>
<key>assessment:authority:flags</key>
<integer>0</integer>
<key>assessment:authority:source</key>
<string>obsolete resource envelope</string>
<key>assessment:authority:weak</key>
<true/>
</dict>
<key>assessment:cserror</key>
<integer>-67002</integer>
<key>assessment:remote</key>
<true/>
<key>assessment:verdict</key>
<false/>
</dict>
</plist>
What's it mean? How can I get this tool to run signed OK? All of this stuff is highly opaque, and the documentation out of date (for example, where it says you can run spctl on /bin/ls, but it gives the same exact error output that /bin/ls isn't an app.)
Note that ultimately this tool gets distributed in a ZIP file that contains Windows and Linux executables also; there is not, and ought not be, any macOS-specific installer... I have a lot of other things to do than jumping through these hoops.
Info.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>English</string>
<key>CFBundleExecutable</key>
<string>mytool</string>
<key>CFBundleIdentifier</key>
<string>com.myorg.mytool</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>mytool</string>
<key>CFBundlePackageType</key>
<string>APPL</string>
<key>CFBundleVersion</key>
<string>2.0.0</string>
<key>NSHumanReadableCopyright</key>
<string>...</string>
</dict>
</plist>
Entitlements:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>
Post not yet marked as solved
Hello,
I found that when installing an arbitrary app to macOS 12.0 by pkg file, it shows following error message.
PKInformSystemPolicyInstallOperation failed with error:An error occurred while registering installation with Gatekeeper.
Issue can not be replicated with macOS 11.
Also even the error message has shown, installation seems to be completed properly.
Have anyone seen similar issue with macOS 12?
Post not yet marked as solved
I have a Mac OS app that uses a separate swift-built binary to extend its functionality. It is non sandboxed and signed via Developer ID method.
I placed the binary file in Contents/MacOS directory of the bundle.
Here are the entitlements used to sign the bundle:
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.allow-dyld-environment-variables</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
</dict>
</plist>
When the application is built for arm64 (using arm64 built swift binary helper), successfully signed, notarized, and downloaded on a user's Mac, gatekeeper has no issues and throws no warnings.
When the application is built for x86_64 (using the x86_64 built swift binary OR universal swift built binary helper), successfully signed, notarized, and downloaded on a user's Mac, gatekeeper throws the "macOS cannot verify that this app is free from malware" warning.
So the issue seems to be the x86_64 swift built binary, but it is identical to arm64 build. I'm puzzled. Any suggestions on how to proceed?
Post not yet marked as solved
I have porting my existing application to support native M1, there a a lot of framework and library that I have already build for both platform.
The strange result is when I archive the app on Intel machine. The binary work on Intel platform well. When I archive my application on M1 machine, the app can work on M1 well.
But when I try to run app that build on M1 on Intel Machine, then I got the message said my app is damaged and can't be opened. The same situation got for build in Intel platform one.
I try "lipo -archs" command on my app and I did get
"x86_64 arm64" as result, so my app should already a universal app I guess.
Does any body know are there some way to check what happened on my application?
Thanks, any opinion will be appreciated !
Eric
Post not yet marked as solved
Hello,
Even though I disable library validation my application won't load library with hardened runtime. It's important to note that library I'm trying to load is NOT signed at all.
Do I understand correctly that com.apple.security.cs.disable-library-validation does only allow to load libraries signed with a different Team ID, not totally unsigned ones as I was hoping? If true, is there any way to load unsigned libraries. Signing them myself is not an option.
Thanks,
bkarasm
Post not yet marked as solved
Hi.
I create a dmg for my app (notarized success, it's on Big Sur, Intel), this dmg can drag the app to the applications folder.
After copy the app can work on:
Big Sur (intel)
Big Sur (M1)
but it's can't work on High Sierra, this is the message
app is damaged and can't be opened.
use command to check notarized
spctl -a -vv
to check my app, it's return accepted.
If directly open the app on dmg volume, it's work.
It's possible got some problem after copy?
MrRajput.
