I have created signed some binaries with Apple development certificates and then revoked the certificate from developer account.
After revocation of certificate, gatekeeper is not blocking the execution of binaries.
Even evaluating these revoked certificates in keychain is showing valid certification and successful evaluation .
Same applies for Installer certificate.
I tried checking revocation status of binary using method "SecPolicyCreateRevocation(kSecRevocationUseAnyAvailableMethod)" but we are getting trust result as 'kSecTrustResultUnspecified'.
Please tell me how to check if certificate is revoked using any utility.
Also let me know if I am missing anything in revocation check call.
dheeraj_koshti
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
From
India
Post
Replies
Boosts
Views
Activity
@eskimo
Does Mac support Counter Signature and Detached Signature?
If yes, then which API call from security framework is used to get those signature informations ?
@eskimo
What are the possible processes which we can mute in System extension so that we do not get unnecessary events?
e.g. MDS process which runs for spotlight indexing.
When users tries to edit file on Local drive, my application denies that action in OPEN AUTH event. I do not see any change in file access time.
But when users tries to edit file on Pen drive, my application denies that action in OPEN AUTH event. I do see change in access time.
Why there is such a difference ?
In case we copy file to finder using ctrl+c -> ctrl+v we get "ES_EVENT_TYPE_AUTH_CLONE" event.
In case we block that event, we get 2-3 times 'ES_EVENT_TYPE_AUTH_CLONE' event with same destination file name.
Any idea how to avoid those extra 2-3 events of 'ES_EVENT_TYPE_AUTH_CLONE'?
Please help me in finding Endpoint Security events for below systems calls.
SYS_kdebug_trace
SYS_open_nocancel
SYS_posix_spawn
SYS_proc_info
SYS_rmdir
SYS_vfork
SYS_copyfile
SYS_mkdir
SYS_chmod
SYS_chown
Please let me know how to give "Full Disk Access" permission to "Terminal" while installing an application
Regards
Hi,
I installed command line tools using command "xcode-select --install" in Catalina.
I could not find 'lldb-server' in path "/Library/Developer/CommandLineTools" in Catalina.
I could find lldb-server at below path in Mojave "/Library/Developer/CommandLineTools/Library/PrivateFrameworks/LLDB.framework/Versions/A/Resources/"
Please guide me how to install lldb-server in Catalina as I require it for remote debugging.
Regards