couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Carlton Gibson <carlton.gib...@gmail.com>
Subject Re: CouchDBX Redux
Date Mon, 23 Apr 2012 19:43:21 GMT

On 23 Apr 2012, at 21:13, Jan Lehnardt <jan@apache.org> wrote:

>> On 10.8 it runs afoul of the new Gatekeeper feature.
> 
> The problem with that is that (afaik) running sub-process is not allowed, which in turn
means to compile CouchDB and Erlang and SpiderMonkey and ICU statically into the .app binary.
This has been done this for a proof-of-concept iOS distribution before, but it sure isn't
pretty.

I'm not sure about any restriction on subprocesses. — E.g. BBEdit is signed and launches
various helpers. — My understanding (and I will check) was that as long as your initiating
scripts that are inside your bundle (and so under the protection of the code-signing) then
you're good to go. 


>> Re. Roger's comments about the App Store: 
>> 
>> It would be awesome to have CouchDBX in the store. As soon as I can get clear on
the whole build process I'd be happy to sign an application for this and handle submitting
it. 
>> 
>> Would it be feasible for the Apache Foundation (CouchDB Branch) to handle this instead
though?
> 
> I'd prefer that the tools to build a CouchDBX would live with the Apache CouchDB project,
but I don't think we want to be responsible for maintaining relationships with the AppStore
and producing binaries and updates.
> 
>> That way the new version of the app would be more secure going forward. — I'd be
happy to maintain it but ideally it wouldn't depend on any one or small group of developers.

> 
> This would be interesting to find out, but I'd suggest to not worry about this until
we've got some cool software to actually submit :)

This was just a thought, but yes, agreed. :-)


>> 10.8 is going to require a developer certificate signing anyhow so this question
should be addressed.
> 
> Can you point to more resources about this. AFAIK the signing will be optional and usually
useful for end-user apps. Since CouchDBX is more targeted at developers who are more likely
to turn the signing feature off or to a lower level, we can avoid dealing with that.

Yes you can turn Gatekeeper off.

The docs (such as they are) are here:

https://developer.apple.com/library/prerelease/mac/#documentation/Security/Conceptual/Security_Overview/Introduction/Introduction.html#//apple_ref/doc/uid/TP30000976-CH1-SW1

(Remember the NDA — I don't know off-hand how much has changed from the public docs on code-signing
— it's been around a while.)

My view before this conversation was that we could bundle and sign everything we needed to
not require disabling Gatekeeper. (I don't think Sparkle would work with it though.) The App
Store would (ideally) require some extra steps to ensure continuity. (But as you say that
can wait.)





Mime
View raw message