Hello,
I've always used a package manager (pkgsrc), it installs to my home directory (~/pkg).
I noticed today that if I manually copy a binary (not build by the package manager) to that location (~/pkg/bin), it gets terminated by EXC_BAD_ACCESS (Code Signature Invalid), but runs fine in its original location.
I was confused because I don't remember signing anything in there.
So Xcode clang is signing everything by default:
% codesign --display --verbose ~/pkg/bin/python
...
Format=Mach-O thin (arm64)
CodeDirectory v=20400 size=514 flags=0x20002(adhoc,linker-signed) hashes=13+0 location=embedded
Signature=adhoc
...
"linker-signed"..?
I guess I have to "re-link" binaries every time they get moved? Since the linker is doing this on its own, maybe the "install" utility could do that for us?
Update: Nevermind. TIL about -adhoc_codesign
and -no_adhoc_codesign
linker options. 😅