Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Marc Schwartz via R-SIG-Mac
Hi Simon,

Thanks for following up. 

I presumed that this was a production issue of some nature, as you had 
established the pattern of digitally signing the binaries some time ago.

Thanks again!

Marc


> On Mar 14, 2019, at 9:36 AM, Simon Urbanek wrote:
> 
> Marc,
> 
> thanks, I'm glad that at least someone pays attention and checks the 
> signature ;). I'm surprised my machine didn't raise a flag - I did test the 
> image locally from the master URL before releasing.
> 
> I have now updated the package to be signed, it is identical content, just 
> signed. You can get it from the Mac master server 
> https://mac.R-project.org/bin/macosx now and other CRAN servers will sync in 
> due time.
> 
> Thanks,
> Simon
> 
> 
> 
>> On Mar 14, 2019, at 8:18 AM, Marc Schwartz via R-SIG-Mac wrote:
>> 
>> Hi,
>> 
>> I just tried to install the R 3.5.3 macOS binary from CRAN.
>> 
>> The SHA hash matches what is on CRAN, but I get an unknown developer message 
>> when I try to install.
>> 
>> I get:
>> 
>> pkgutil --check-signature R-3.5.3.pkg
>> Package "R-3.5.3.pkg":
>>  Status: no signature
>> 
>> 
>> I rechecked the 3.5.2 binary and do not have the issue there.
>> 
>> Thanks,
>> 
>> Marc Schwartz
>> 

___
R-SIG-Mac mailing list
R-SIG-Mac@r-project.org
https://stat.ethz.ch/mailman/listinfo/r-sig-mac


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Luis Puerto
I agree more or less with both of you in this take! 

I really appreciate Apple's effort to keep users safe, and this is one of the 
reasons I'm choosing Apple. 

However, one cannot always install signed software, and that doesn't mean you 
are directly at risk. You just have to know what you are doing. 

Luckily, even if you disable Gatekeeper, you still get a warning every time 
you install something from outside the App Store or some place that isn't in 
the safe list. 

Warnings are great, but prohibitions can go south quickly. I think we can all 
remember the problems some Windows systems got in the past by warning and asking 
for the password too much. Users finally logged in as root to avoid the nuisance, 
thus making the system insecure. 


> On 14 Mar 2019, at 16:45, Simon Urbanek  wrote:
> 
> My point of objection was the disabling of all checks in a blanket manner. Since 
> this forum is read by many people, not everyone may realize the very harmful 
> implications of that single command.
> If you know what you're doing, that's fine, but then you also know that you 
> can simply use Open and acknowledge that you want to install anyway which is 
> a much safer way than to disable all checks systemwide.
> 
> Same goes with SIP - for 99.99% of users it protects them and for a very good 
> reason. If you need to modify system files, you better know what you're doing 
> and take all the responsibility. There is also a very good reason why you 
> need to go to Recovery to do that - it wouldn't make any sense otherwise ;).
> 
> Cheers,
> Simon
> 
> 
>> On Mar 14, 2019, at 10:19 AM, Dr Eberhard W Lisse  wrote:
>> 
>> 
>> Not Really.
>> 
>> I have been loading R binaries for almost 10 years from CRAN, if not
>> longer.  If the SHA is ok, I don't care about Apple's Nanny mechanism.
>> 
>> And, it still warns on the first run, whether you really want to run a
>> program downloaded from the Internet.
>> 
>> The correct statement would have been, something like: "Be careful when
>> you do that and only load binaries from reputable sources such as CRAN"
>> 
>> I really, really, really do not understand, after almost 40 years of
>> doing this (sendmail anyone?), why Apple wants to make an automated
>> start of Postfix requiring the SIP to be disabled off of the Recovery
>> Boot for a simple change of the launch control files.
>> 
>> el
>> 
>> On 2019-03-14 22:37 , Simon Urbanek wrote:
>>> Very, very, very bad idea - never ever do that unless you're really
>>> happy to infest your machine with nice viruses and ransomware.
>>> 
>>> Cheers,
>>> Simon
>>> 
>>> 
>>>> On Mar 14, 2019, at 8:43 AM, Dr Eberhard W Lisse wrote:
>>>> 
>>>> Try from the commandline
>>>> 
>>>> sudo spctl --master-disable
>>>> 
>>>> and then install the package
>>>> 
>>>> el
>> 


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Simon Urbanek
My point of objection was the disabling of all checks in a blanket manner. Since 
this forum is read by many people, not everyone may realize the very harmful 
implications of that single command.
If you know what you're doing, that's fine, but then you also know that you can 
simply use Open and acknowledge that you want to install anyway which is a much 
safer way than to disable all checks systemwide.

Same goes with SIP - for 99.99% of users it protects them and for a very good 
reason. If you need to modify system files, you better know what you're doing 
and take all the responsibility. There is also a very good reason why you need 
to go to Recovery to do that - it wouldn't make any sense otherwise ;).

Cheers,
Simon


> On Mar 14, 2019, at 10:19 AM, Dr Eberhard W Lisse  wrote:
> 
> 
> Not Really.
> 
> I have been loading R binaries for almost 10 years from CRAN, if not
> longer.  If the SHA is ok, I don't care about Apple's Nanny mechanism.
> 
> And, it still warns on the first run, whether you really want to run a
> program downloaded from the Internet.
> 
> The correct statement would have been, something like: "Be careful when
> you do that and only load binaries from reputable sources such as CRAN"
> 
> I really, really, really do not understand, after almost 40 years of
> doing this (sendmail anyone?), why Apple wants to make an automated
> start of Postfix requiring the SIP to be disabled off of the Recovery
> Boot for a simple change of the launch control files.
> 
> el
> 
> On 2019-03-14 22:37 , Simon Urbanek wrote:
>> Very, very, very bad idea - never ever do that unless you're really
>> happy to infest your machine with nice viruses and ransomware.
>> 
>> Cheers,
>> Simon
>> 
>> 
>>> On Mar 14, 2019, at 8:43 AM, Dr Eberhard W Lisse  wrote:
>>> 
>>> Try from the commandline
>>> 
>>> sudo spctl --master-disable
>>> 
>>> and then install the package
>>> 
>>> el
> 


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Dr Eberhard W Lisse
Marc,

the same is achieved by the hash published by CRAN.

Though, of course, if the developers have a developer account, there is
nothing wrong with using it and even less with reporting the lack of use
of it :-)-O


el

On 2019-03-14 21:49 , Marc Schwartz via R-SIG-Mac wrote:
> Hi,
> 
> I am aware of the workaround, both from the CLI and via System
> Preferences.
> 
> The question is more about confirming that the binary is valid and
> from a source that is trusted, which is the point of digitally signing
> binaries as a trusted Apple developer.
> 
> Thanks,
> 
> Marc
[...]
-- 
Dr. Eberhard W. Lisse  / Obstetrician & Gynaecologist (Saar)
e...@lisse.na/ * |   Telephone: +264 81 124 6733 (cell)
PO Box 8421  /
Bachbrecht, Namibia ;/



Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Dr Eberhard W Lisse


Not Really.

I have been loading R binaries for almost 10 years from CRAN, if not
longer.  If the SHA is ok, I don't care about Apple's Nanny mechanism.

And, it still warns on the first run, whether you really want to run a
program downloaded from the Internet.

The correct statement would have been, something like: "Be careful when
you do that and only load binaries from reputable sources such as CRAN"

I really, really, really do not understand, after almost 40 years of
doing this (sendmail anyone?), why Apple wants to make an automated
start of Postfix requiring the SIP to be disabled off of the Recovery
Boot for a simple change of the launch control files.

el

On 2019-03-14 22:37 , Simon Urbanek wrote:
> Very, very, very bad idea - never ever do that unless you're really
> happy to infest your machine with nice viruses and ransomware.
>
> Cheers,
> Simon
>
>
>> On Mar 14, 2019, at 8:43 AM, Dr Eberhard W Lisse  wrote:
>>
>> Try from the commandline
>>
>> sudo spctl --master-disable
>>
>> and then install the package
>>
>> el



Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread peter dalgaard
The version from mac.R-project.org installs fine. CRAN master still has the 
unsigned version (recognizable by an MD5 hash starting with fff) at this point.

-pd

> On 14 Mar 2019, at 14:36 , Simon Urbanek  wrote:
> 
> Marc,
> 
> thanks, I'm glad that at least someone pays attention and checks the 
> signature ;). I'm surprised my machine didn't raise a flag - I did test the 
> image locally from the master URL before releasing.
> 
> I have now updated the package to be signed, it is identical content, just 
> signed. You can get it from the Mac master server 
> https://mac.R-project.org/bin/macosx now and other CRAN servers will sync in 
> due time.
> 
> Thanks,
> Simon
> 
> 
> 
>> On Mar 14, 2019, at 8:18 AM, Marc Schwartz via R-SIG-Mac wrote:
>> 
>> Hi,
>> 
>> I just tried to install the R 3.5.3 macOS binary from CRAN.
>> 
>> The SHA hash matches what is on CRAN, but I get an unknown developer message 
>> when I try to install.
>> 
>> I get:
>> 
>> pkgutil --check-signature R-3.5.3.pkg
>> Package "R-3.5.3.pkg":
>>  Status: no signature
>> 
>> 
>> I rechecked the 3.5.2 binary and do not have the issue there.
>> 
>> Thanks,
>> 
>> Marc Schwartz
>> 

-- 
Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Office: A 4.23
Email: pd@cbs.dk  Priv: pda...@gmail.com



Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread peter dalgaard
[Resending - screenshot was too big]

Actually, the OS does that even if we don't pay attention, so apparently people 
just haven't gotten around to upgrading and we haven't had new Mac users 
installing 3.5.3 yet. (To a first approximation, that is - some will of course 
know how to bypass the signature check). 

-pd

> On 14 Mar 2019, at 14:36 , Simon Urbanek wrote:
> 
> Marc,
> 
> thanks, I'm glad that at least someone pays attention and checks the 
> signature ;). I'm surprised my machine didn't raise a flag - I did test the 
> image locally from the master URL before releasing.
> 
> I have now updated the package to be signed, it is identical content, just 
> signed. You can get it from the Mac master server 
> https://mac.R-project.org/bin/macosx  
> now and other CRAN servers will sync in due time.
> 
> Thanks,
> Simon
> 
> 
> 
>> On Mar 14, 2019, at 8:18 AM, Marc Schwartz via R-SIG-Mac 
>> <r-sig-mac@r-project.org> wrote:
>> 
>> Hi,
>> 
>> I just tried to install the R 3.5.3 macOS binary from CRAN.
>> 
>> The SHA hash matches what is on CRAN, but I get an unknown developer message 
>> when I try to install.
>> 
>> I get:
>> 
>> pkgutil --check-signature R-3.5.3.pkg
>> Package "R-3.5.3.pkg":
>>  Status: no signature
>> 
>> 
>> I rechecked the 3.5.2 binary and do not have the issue there.
>> 
>> Thanks,
>> 
>> Marc Schwartz
>> 

-- 
Peter Dalgaard, Professor,
Center for Statistics, Copenhagen Business School
Solbjerg Plads 3, 2000 Frederiksberg, Denmark
Phone: (+45)38153501
Office: A 4.23
Email: pd@cbs.dk   Priv: pda...@gmail.com








Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Simon Urbanek
Very, very, very bad idea - never ever do that unless you're really happy to 
infest your machine with nice viruses and ransomware.

Cheers,
Simon


> On Mar 14, 2019, at 8:43 AM, Dr Eberhard W Lisse  wrote:
> 
> Try from the commandline
> 
> sudo spctl --master-disable
> 
> and then install the package
> 
> el
> 
> Sent from Dr Lisse's iPad mini 4
> On 14 Mar 2019, 21:18 +0900, Marc Schwartz via R-SIG-Mac wrote:
>> Hi,
>> 
>> I just tried to install the R 3.5.3 macOS binary from CRAN.
>> 
>> The SHA hash matches what is on CRAN, but I get an unknown developer message 
>> when I try to install.
>> 
>> I get:
>> 
>> pkgutil --check-signature R-3.5.3.pkg
>> Package "R-3.5.3.pkg":
>> Status: no signature
>> 
>> 
>> I rechecked the 3.5.2 binary and do not have the issue there.
>> 
>> Thanks,
>> 
>> Marc Schwartz
>> 


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Simon Urbanek
Marc,

thanks, I'm glad that at least someone pays attention and checks the signature 
;). I'm surprised my machine didn't raise a flag - I did test the image locally 
from the master URL before releasing.

I have now updated the package to be signed, it is identical content, just 
signed. You can get it from the Mac master server 
https://mac.R-project.org/bin/macosx now and other CRAN servers will sync in 
due time.

Thanks,
Simon



> On Mar 14, 2019, at 8:18 AM, Marc Schwartz via R-SIG-Mac wrote:
> 
> Hi,
> 
> I just tried to install the R 3.5.3 macOS binary from CRAN.
> 
> The SHA hash matches what is on CRAN, but I get an unknown developer message 
> when I try to install.
> 
> I get:
> 
> pkgutil --check-signature R-3.5.3.pkg
> Package "R-3.5.3.pkg":
>   Status: no signature
> 
> 
> I rechecked the 3.5.2 binary and do not have the issue there.
> 
> Thanks,
> 
> Marc Schwartz
> 


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Marc Schwartz via R-SIG-Mac
Hi,

I am aware of the workaround, both from the CLI and via System Preferences.

The question is more about confirming that the binary is valid and from a 
source that is trusted, which is the point of digitally signing binaries as a 
trusted Apple developer.

Thanks,

Marc


> On Mar 14, 2019, at 8:43 AM, Dr Eberhard W Lisse  wrote:
> 
> Try from the commandline
> 
> sudo spctl --master-disable
> 
> and then install the package
> 
> el
> 
> Sent from Dr Lisse's iPad mini 4
> On 14 Mar 2019, 21:18 +0900, Marc Schwartz via R-SIG-Mac wrote:
>> Hi,
>> 
>> I just tried to install the R 3.5.3 macOS binary from CRAN.
>> 
>> The SHA hash matches what is on CRAN, but I get an unknown developer message 
>> when I try to install.
>> 
>> I get:
>> 
>> pkgutil --check-signature R-3.5.3.pkg
>> Package "R-3.5.3.pkg":
>> Status: no signature
>> 
>> 
>> I rechecked the 3.5.2 binary and do not have the issue there.
>> 
>> Thanks,
>> 
>> Marc Schwartz
>> 


Re: [R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Dr Eberhard W Lisse
Try from the commandline

sudo spctl --master-disable

and then install the package

el

Sent from Dr Lisse's iPad mini 4
On 14 Mar 2019, 21:18 +0900, Marc Schwartz via R-SIG-Mac wrote:
> Hi,
>
> I just tried to install the R 3.5.3 macOS binary from CRAN.
>
> The SHA hash matches what is on CRAN, but I get an unknown developer message 
> when I try to install.
>
> I get:
>
> pkgutil --check-signature R-3.5.3.pkg
> Package "R-3.5.3.pkg":
> Status: no signature
>
>
> I rechecked the 3.5.2 binary and do not have the issue there.
>
> Thanks,
>
> Marc Schwartz
>


[R-SIG-Mac] R 3.5.3 macOS binary not signed?

2019-03-14 Thread Marc Schwartz via R-SIG-Mac
Hi,

I just tried to install the R 3.5.3 macOS binary from CRAN.

The SHA hash matches what is on CRAN, but I get an unknown developer message 
when I try to install.

I get:

pkgutil --check-signature R-3.5.3.pkg
Package "R-3.5.3.pkg":
   Status: no signature


I rechecked the 3.5.2 binary and do not have the issue there.

Thanks,

Marc Schwartz
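
Added example (not part of the original thread): the thread contrasts a matching published hash with a missing package signature, so this sketch gates on both and reproduces the reported case. The SHA-256 choice, the function names and the stand-in file are assumptions; only `Status: no signature` is pkgutil output quoted in the thread.

```shell
#!/bin/sh
# Added example, not from the thread: require BOTH a matching published hash
# and a package signature before treating a macOS installer as acceptable.

# Hex SHA-256 of a file (assumption: the published hash is SHA-256).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Map `pkgutil --check-signature` output on stdin to one word.
# "no signature" is the status quoted in the thread; the other status
# wordings matched here are assumptions. Unrecognised output fails closed.
classify_signature() {
    status=$(sed -n -e 's/[[:space:]]*$//' \
                    -e 's/^[[:space:]]*Status:[[:space:]]*//p' | head -n 1)
    case "$status" in
        "no signature")                    echo unsigned ;;
        signed*untrusted*|signed*expired*) echo untrusted ;;
        signed*)                           echo signed ;;
        *)                                 echo unknown ;;
    esac
}

# gate FILE EXPECTED_SHA256 SIGNATURE_REPORT
# SIGNATURE_REPORT is a file holding saved `pkgutil --check-signature` output.
gate() {
    actual=$(sha256_of "$1")
    if [ -z "$actual" ] || [ "$actual" != "$2" ]; then
        echo "reject: hash mismatch"; return 1
    fi
    sig=$(classify_signature < "$3")
    if [ "$sig" = signed ]; then
        echo "ok: hash matches and package is signed"
    else
        echo "hold: hash matches but signature is $sig"; return 1
    fi
}

# Constructed demo of the reported case: the hash matches, the signature is
# missing. The file is a stand-in, not the real R-3.5.3.pkg.
demo() {
    tmp=$(mktemp -d) || return 2
    printf 'constructed stand-in for R-3.5.3.pkg\n' > "$tmp/R.pkg"
    printf 'Package "R-3.5.3.pkg":\n   Status: no signature\n' > "$tmp/sig.txt"
    rc=0
    gate "$tmp/R.pkg" "$(sha256_of "$tmp/R.pkg")" "$tmp/sig.txt" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

demo || true
```

On a Mac, save the report with `pkgutil --check-signature R-3.5.3.pkg > sig.txt` and pass the hash published by CRAN as the second argument to `gate`.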
