I know. I just want to discourage the baby crackers. Codesign looks interesting. Ptrace seems to have been strengthened in Leopard, too. At least I wasn't able to bypass it as easily as outlined by steike. Always something :-)
Thanks! On Thu, May 22, 2008 at 1:22 PM, Jean-Daniel Dupas <[EMAIL PROTECTED]> wrote: > > Le 22 mai 08 à 12:57, Keith Duncan a écrit : > >>> is there a way to tell if my executable was launched by/attached to some >>> other process? >> >> You can use ptrace(2) with the PT_DENY_ATTACH request to prevent anyone >> from attaching and will kill the process if it is already being traced. >> >> See http://steike.com/code/debugging-itunes-with-gdb/ >> >> This has been worked around using a simple kernel extension, I don't know >> what the current state of it is but it may not be that reliable. >> >>> file integrity >> >> You can also use codesign(1) which will alert the user if your binary has >> been tampered with since the signing. Note that it doesn't prevent the user >> from launching your application and the functions for determining the >> integrity of your executable aren't public. >> >> Keith > > There is absolutly no way to completly prevent an user to launch your > application. If he really want, he can resign the app with is own signature. > You can add a check, he can change your binaty to bypass it. > You can just do it a little harder, but as long as the user can do whatever > he want with your executable, he can launch and decompile it. > > Don't lose to much time to discourage hackers, it's barely always useless. > > > > _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
