On Sep 21, 2011, at 5:59 AM, Francois Gouget wrote: > On Wed, 21 Sep 2011, Ken Thomases wrote: > >> Anyway, the application firewall is based on code-signing. The user's >> permission to allow a program to accept incoming connections is tied >> to the program's signature. > [...] >> Since regularly testing Wine entails constantly rebuilding it, the >> signature never survives for long and the system asks for permission >> with every new build. > > Exactly. So should the application firewall be causing trouble, the only > solution would be to disable it :-( I guess there's no way to > automatically authorize / sign the application?
You can, but it requires a digital certificate. I don't know if a self-signed certificate can be used. I think they can to a certain extent. A program signed with a self-signed certificate will allow for the application firewall to recognize it as the same program which was previously granted permission by the user. It would require a certificate traceable to a trusted root certificate for the application firewall to _implicitly_ trust the program and not require even the initial permission from the user. The command-line tool to do the code-signing is "codesign". There's a man page, of course, and also Apple's documentation: https://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html -Ken