On Sep 21, 2011, at 5:59 AM, Francois Gouget wrote:
On Wed, 21 Sep 2011, Ken Thomases wrote:
Anyway, the application firewall is based on code-signing. The user's permission to allow a program to accept incoming connections is tied to the program's signature.
[...]
Since regularly testing Wine entails constantly rebuilding it, the signature never survives for long and the system asks for permission with every new build.
Exactly. So should the application firewall be causing trouble, the only solution would be to disable it :-( I guess there's no way to automatically authorize / sign the application?
You can, but it requires a digital certificate. I don't know if a self-signed certificate can be used. I think they can to a certain extent. A program signed with a self-signed certificate will allow for the application firewall to recognize it as the same program which was previously granted permission by the user. It would require a certificate traceable to a trusted root certificate for the application firewall to _implicitly_ trust the program and not require even the initial permission from the user.
The command-line tool to do the code-signing is "codesign". There's a man page, of course, and also Apple's documentation: https://developer.apple.com/library/mac/documentation/Security/Conceptual/Co...
-Ken