Rogue Amoeba
(((lbutlr)))
@RogueAmoeba what about “this app needs to be in Applications to run. Do you want me to move there and relaunch?”
For our fellow Mac devs: http://weblog.rogueamoeba.com/2016/06/29/sierra-and-gatekeeper-path-randomization/ … Gatekeeper Path Randomization is new in 10.12, and it may lead to issues with your apps.
-
-
- View other replies
-
@lbutlr Requiring an app to be in /Apps isn’t right, and shouldn’t be necessary. Having all apps make that change is user-hostile. - View other replies
-
@RogueAmoeba@lbutlr apps shouldn't be able to run from ~/Downloads. Maybe Safari should auto-move Developer ID signed apps to /Applications -
@bryanpietrzak@lbutlr Why shouldn’t apps run from Downloads? Who are we to decide? As noted, users trialing software do it from Downloads. -
@RogueAmoeba@lbutlr Too confusing for many ppl. Many don't understand where downloads even go. Some have many apps in Downloads. -
@bryanpietrzak@lbutlr They do, and that’s their business. It’s not our job, or our right, to organize their hard drive for them. -
@RogueAmoeba@lbutlr Disappointing response. It should be our (Apple's) job to make it easier for the vast majority that don't grok the fs -
@bryanpietrzak@lbutlr We’re an independent developer, not Apple. We want simplicity, but we don’t want to take useful freedoms away. - View other replies
- Show more
-
-
-
@RogueAmoeba@mikeash doesn't your proposal just lead to every app setting that plist entry and neutering the feature? Seems pointless. - View other replies
-
@jalexlind@mikeash Almost no app NEEDS the feature. If we’re not loading external resources, we’re not vulnerable. -
@jalexlind@mikeash Nearly all apps SHOULD set that plist entry. That’s a fast, easy workaround. Forcing the user to move the app is wrong. - View other replies
-
@RogueAmoeba@mikeash but asking for the "trust me, I'm legit" via a plist entry seems dubious. May as well not have the feature then. - View other replies
-
@jalexlind@mikeash Not at all. The feature still works on those vulnerable apps that have already been distributed. -
@jalexlind@mikeash If a developer attempts to paper over things by misusing the flag, Apple has plenty of recourse. - View other replies
-
@RogueAmoeba@mikeash by the time it's noticed and certificate revoked, kinda too late. This seems reasonably preventative. -
@jalexlind@mikeash By that logic, why have the certificate at all then? This has big downsides, and tiny upsides. It’s a poor solution. - View other replies
- Show more
-
-
-
@RogueAmoeba
seems to want devs to use dmgs. Still published in a readonly volume but it’s not a new problem. -
@RogueAmoeba in my testing signed dmgs avoid translocation even if you ship a folder of apps -
@zorg__ http://weblog.rogueamoeba.com/2016/06/29/sierra-and-gatekeeper-path-randomization/comment-page-1/#comment-4033 … In short, DMGs work, but are unappealing. -
@RogueAmoeba indeed however I get the impressiondislikes zip here; eg, they can be poor for preserving xattrs. May be a tough battle. - View other replies
-
@zorg__ If Apple wanted to kill .zips, they’d be far more up-front about it. This just has the smell of a poor implementation. -
@RogueAmoeba well they are up front about wanting devs to use signed dmgs, and not zip, at the least -
@zorg__ True enough, as WWDC2016 anyway. Our experience shows zips are more user-friendly though, and we’ll hold on to them if we can.
-
Bryan Pietrzak
Alex Lind
Mayur Pawashe
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.