Xojo may need to code sign apps it builds in future

Targets macOS
1

See Updates in macOS Big Sur 11 Universal Apps Beta 4 here:

Code Signing

New Features in macOS Big Sur 11 Universal Apps Beta 4

  • Starting with Xcode 12 beta 4, the toolchain will now automatically sign your executables whenever you build from Xcode, or use command-line utilities such as clang(1) or ld(1) . This new mechanism generates signatures directly at link time, and doesn’t cover any resource other than the executable. As a result, it’s expected to be faster than a traditional codesign(1) invocation. If you use a custom workflow involving tools that modify a binary after linking (e.g. strip or install_name_tool ) you might need to manually call codesign(1) as an additional build phase to properly ad-hoc sign your binary.New in macOS 11 on Apple silicon Mac computers, and starting in the next macOS Big Sur 11 beta, the operating system will enforce that any executable must be signed with a valid signature before it’s allowed to run. There isn’t a specific identity requirement for this signature: a simple ad-hoc signature issued locally is sufficient, which includes signatures which are now generated automatically by the linker. This new behavior doesn’t change the long-established policy that our users and developers can run arbitrary code on their Macs, and is designed to simplify the execution policies on Apple silicon Mac computers and enable the system to better detect code modifications.This new policy doesn’t apply to translated x86 binaries running under Rosetta, nor does it apply to macOS 11 running on Intel platforms. (51911409)

So the linker used with Xojo For MacOS may need to apply an ad-hoc signature, even for debug builds.
Please take the chance to add code signing options right into Xojo.

2 Likes
2

Not a big deal as the clang linker they use may be able to just do that.

3
  1. It’s only for Apple Silicon.
  2. I’ve been preparing for this day for a while, which you’ll see very shortly :slight_smile:
4

I need this anyways because only signed apps can access full hard disk and use AppleScript. Idiotic, but who asks me.

1 Like
5

Yeah, I read that as the IDE will need to generate a self-signed certificate and sign everything.

6

Reading through that, it looks like that will only be important when the IDE itself is built as ARM.

7

Sure, but IDE is delivered signed.

And the new thing is that you guys need to apply at least ad-hoc signing with linking Mac apps, even for debug run.

8

Does this not imply that debug builds aren’t affected (as is running the compiled app on the same computer than where it was built)?

9

So Xcode will automatically sign it so you can run int but it must be signed in some manner

10

This seems to indicate that it will only apply to ARM.

11

Correct.

It would be nice if you could put it on the list of things to do for Mac ARM support at Xojo Inc.

12

I also understand the signature is not linked to your developer account. It’s just to chrck if the binary isn’t messed with
Just another step you need to do.

I am wondering if shell apps (like ffmpeg, mediainfo, blurayiso, …) you download will still work.

13

I’ve made some information available on the solution that I’ve been planning, for a while now.

App Wrapper 4.0
Read some preview information here.
https://www.ohanaware.com/blog/202035/Omegabundle-Whats-to-come.html

2 Likes
14