How to block incoming connections for a Mach-O 64-bit x86_64 executable on macOS

App & System Services Core OS
Touchstone64 OP
Created Nov ’23
Replies 1
Boosts 0
Views 375
Participants 1

Hi folks,

I have a binary that I'm testing for a colleague developer on macOS 12.7.1. It's identified as a "Mach-O 64-bit x86_64 executable, flags:<NOUNDEFS|DYLDLINK|TWOLEVEL|BINDS_TO_WEAK|PIE|HAS_TLV_DESCRIPTORS>" by the /usr/bin/file utility.

Whenever it's launched I get the 'allow or deny incoming connections' app firewall prompt, but even though my response is stored correctly (verified using /usr/libexec/ApplicationFirewall/socketfilterfw —listapps), every time I launch it I get prompted again.

Is this because the app can't be signed when I approve or deny connections? I tried a quick self-sign using codesign --force --deep -s - <app> and got an internal error in Code Signing subsystem response.

Any and all advice very much welcome! Thanks :)

Answered by Touchstone64 in 770566022

I really am my own worst enemy. The internal code signing error was caused by my leaving the directory containing the binary read-only for my user and group. Once I gave myself permission to write to the directory, the self-sign worked and the firewall choice became persistent. Doh.

Replies  1
Boosts  0
Views  375
Participants  1
Touchstone64 OP
Nov ’23
Accepted Answer

I really am my own worst enemy. The internal code signing error was caused by my leaving the directory containing the binary read-only for my user and group. Once I gave myself permission to write to the directory, the self-sign worked and the firewall choice became persistent. Doh.

0
How to block incoming connections for a Mach-O 64-bit x86_64 executable on macOS
First post date Last post date
 
 
Q