PDA

View Full Version : MacOS runs a signed executable that was tampered



gil_mo
02-15-2017, 08:44 AM
My Sierra MacOS agrees to run a signed executable that has been tampered. I checked the file using:

codesign --verify (...)

And got:

invalid signature (code or signature have been modified) (...)

The tampered app worked correctly in both "App Store" and "App Store and identified developers" settings.

This means that anyone can take a signed app and implant a virus before spreading it worldwide.

Am I missing something?
Thanks,
Gil.

harryb2448
02-15-2017, 03:42 PM
Yes.

Show us this 'virus' quick!