On Sat, Jan 24, 2009 at 6:08 PM, Chris Hanson <c...@me.com> wrote: > Among other things, to be truly secure you must use a secure installation > mechanism. Do not write your own install tool — it can't be made secure > without itself being installed via a secure installation mechanism. > Instead, use Installer.app for your installations since it's included with > the operating system and not modifiable with normal user privileges.
I'm afraid I don't understand this advice. Could you explain what sort of vulnerability would exist in a custom install tool that would not exist when using Installer.app to install a custom package? Mike _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
