|
From: | John Swensen |
Subject: | Re: Octave for OS X (was: How to install Octave 4.0.1 on OS X Yosemite) |
Date: | Wed, 8 Jun 2016 08:06:05 -0700 |
Dear all,
>> I would assume you can do anything you want :) and so can I within the limits set by the GPL, that is the beauty of free software.
>> The code-signing tech is described here: https://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
>> I believe Sebastian is familiar with it, we discussed it a bit at Octconf.
>> I personally feel a bit uneasy about Sourceforge, maybe because of this event: http://arstechnica.com/information-technology/2015/05/sourceforge-grabs-gimp-for-windows-account-wraps-installer-in-bundle-pushing-adware/
>> A lot of people seem to be using GIthub these days, both as source and binary repository.
>>
>> Edmund
>
> I assume If we code sign the bundle before uploading to sourceforrge, everyone who downloads benefits?
>
> Ben
sure, we could do code signing and I agree with Edmund's research that this should not violate the GPL. However, one needs to buy an Apple developer certificate but this would be rather inexpensive (100 Dollar).
Avoiding the discussion of benefits and drawbacks of code singing, the only practical advantage for now would be that users do not have to lower their corresponding security setting in the system preferences. For my taste, this is not a big deal anyway.
It might be that Apple will enforce signing in the future, then we really need to do something.
Bye
Sebastian
[Prev in Thread] | Current Thread | [Next in Thread] |