Re: [hatari-devel] Code signing for macOS

[ Thread Index | Date Index | More lists.tuxfamily.org/hatari-devel Archives ]


Troed,

As a macOS user, I have a different perspective on Gatekeeper. However, in the past, there has not been interest in pursuing a Gatekeeper code signature and notarization. Some well known open source projects (like Audacity) have gone to the trouble of obtaining a code signature and notarization. However, as someone who has a few emulators on my Mac, I have run into the same issue on other projects. Rather than going through System Preferences, you can simply right-click on the program and select Open. If you select Open from the dialog box that appears, it will create an exception for Gatekeeper. There has been a bug where sometimes it takes a second right-click before the Open option appears. Once the exception is added to Gatekeeper, the user will not be asked again until they copy over a new version of Hatari (or re-install it from Hatari's website).

I know Miguel Sano belongs to an organization that received a free developer license. However, looking at the rules, you need to be an actual non-profit organization in your country. That would not apply to the Hatari project since it is an informal group of developers who work on it.

Even as a Mac user, the best approach is probably to have some text in the readme explaining that, as a small open source project, we do not have a code signature and describe the steps to run Hatari if they feel comfortable using it without a code signature. I am guessing most macOS Hatari users know the project and are comfortable that running Hatari does not create a security risk for their Mac. As I see it, the problem with an individual obtaining a code signature is if another program from that individual was flagged by Apple, it would stop Hatari from running since Apple would revoke the certificate for all programs belonging to that developer.

Bob C

On Sun, Nov 29, 2020 at 5:47 AM Troed Sångberg <troed@xxxxxxxxxxx> wrote:

I don't know, when searching I came across this:

"Ever since Apple introduced Gatekeeper, some high-quality open-source apps have been second-class citizens on macOS, their maintainers either unable or unwilling to pay Apple $99 a year for a Developer ID certificate. Many of these are niche apps, but there are notable popular exceptions, such as Audacity. Other apps, like Krita, have had trouble integrating notarization into their build systems, requiring manual notarization for every release.

At this time, most of the large, popular open-source apps are signed and notarized, a big improvement over where things were just a couple years ago. "


https://buckleyisms.com/blog/apple-should-provide-notarization-for-open-source-apps/

(I'm not too worried about any legal aspects. I'd first try the nonprofit aspect before thinking of paying. However, I'm far from being a major contributor to Hatari so I'd only go forward with this if it's something of interest for the wider team)


/Troed



Sent from ProtonMail Mobile


On Sun, Nov 29, 2020 at 14:23, Nicolas Pomarède <npomarede@xxxxxxxxxxxx> wrote:
Le 29/11/2020 à 12:56, Vincent Barrilliot a écrit :
> Hello,
>
>
> Do we want to fix this ? I mean, Apple is true, they cannot guarantee
> who developers behind the app are.. People pay expensive Macs to have an
> army of lawyers controlling their ecosystem by always knowing who to
> sue. Hatari is made by hobbyists, does any of them want to potentually
> get sued for what they do in their free time?
>
> * If yes (which I disagree with)  then well we can pay and and give
> Apple a stick to beat us if they don't like what we're doing.
>
> * If no then we should only seek the trust of people using Hatari, even
> if that requires them to manually specify it on their Mac.
>
> Eventually, if Apple makes it harder and harder to use open source apps
> like Hatari, to the point the Mac is no longer a friendly environment
> for open source apps, then it'll just mean you shoudln't use a Mac
> otherwise you're just creating trouble for yourself. Like if Lamborghini
> makes car for running on race tracks, you shouldn't by one to drive on
> muddy country roads.
>
>

Hi

I'm grateful if Troed want to go through this process, but same as you I
also feel it goes against the open source idea and paying Apple who uses
its monopolistic advantage to enfore such policy.

Maybe in the end it's better to not accept Apple's rules and let the
users be aware of what is going on ? (especially if you consider that
with recent ARM release for macOS, Apple has some kind of backdoor to
let his own apps contact outside servers, bypassing their own firewall,
as was described in some recent articles).

How do other open source apps manage this ? For example Audacity is a
popular app, do they manage to get a signature from Apple ?

Nicolas






Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/