Attached are the files unsigned yet reside in my startup/login files/scripts. Is this normal?

StuntCoor
StuntCoor Posts: 1 New Member
in Home Security Beta Programs

Just making sure (even though I did a thorough scan) so as not to skew any future beta reports.

Do you not sign your Beta apps through AppleCA also?

Like Awesome

Answers

  • ArthurVal
    ArthurVal Posts: 235 F-Secure Employee

    Hello, @StuntCoor !

    Thanks for you report. All releases of FS Protection are properly signed and notarized prior to distribution.

    The alerts that can be seen on attached screenshots refer to some of our shell scripts that FS Protection is shipped with that are in use for license activation, database updates and file/URL reputation lookups. All mentioned components are shell scripts that are invoked either by FS Protection itself or launchd with some schedule. They are indeed unsigned due to the fact that Apple's signing tooling does not support singing of shell scripts. This is due to the fact that shell scripts are not proper macOS executable files. All macOS executable files that we ship with FS Protection are signed and notarized.

    We have plans on improving the current situation by replacing shell scripts with proper macOS executable files to enforce security and code signature validation that macOS provides for proper binaries. For the moment, you can ignore these alerts.

    Best regards, Arthur

    FS Protection Mac R&D Team

    Best regards, Arthur

    Mac R&D Team

    1Like Awesome
This discussion has been closed.

Categories