FWIW, I tend to debug local builds of these individual branches to make
my life easier, for example by turning optimization off etc. It has only
been a handful of times that I had to debug an official build. Having to
disable SIP to debug isn't ideal, but tolerable given how infrequently
this would be necessary. I'd be interested to hear if others have had to
debug official builds more frequently.
-spohl
On 1/11/19 6:36 PM, Haik Aftandilian wrote:
Please take a look if you debug Firefox on macOS.
Apple's notary service[1] is a new way to sign macOS applications that has
some security benefits[2] and provides a slight user experience
improvement[3] when users download the application and run it for the first
time. Specifically, the dialog users have to click through to start the
application is less of a warning.
We are working on adopting the service on bug 1470607, but I wanted to
share how this will affect debugging and get some feedback. If an
application is "notarized", starting with macOS 10.14, the OS will prevent
debuggers from attaching to the application unless the user has disabled
macOS system integrity protection (SIP)[4] which requires a reboot. This
prevents debugging of the application with a debugger like lldb or gdb on a
default system.
Assuming the debugging restriction will _not_ apply to the Nightly channel,
local builds, or automation builds, will this debugging
restriction+workaround on official builds (Release, Beta, DevEd) be a
problem for your workflow or in any way you can envision?
Apple has stated that signing with the notary service will be required in a
future macOS version. I think we can assume that this means an application
that is not notarized will require special steps for first launch where the
user may also have to click through dire security warnings. Today,
launching Firefox for the first time on Mac already requires clicking
through one warning. The bug includes a screenshot[3] showing how it will
change with notarized builds.
Thanks,
Haik
1.
https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution
2. Using the service A) submits the application to Apple to run malware
checks on the binaries and B) requires setting some executable security
flags known as Hardened Runtime. At present, Firefox mostly does not
benefit from enabling Hardened Runtime for various reasons. Another benefit
relates to how a single version of the application can be revoked, without
having to revoke all versions signed with the same key.
3. https://bug1470607.bmoattachments.org/attachment.cgi?id=9036014
4. https://support.apple.com/en-us/HT204899
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
_______________________________________________
dev-platform mailing list
dev-platform@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-platform
