I assume that the package is built from source and...
# macosm
Mystery Incorporated
06/06/2022, 8:05 AMI assume that the package is built from source and therefore not signed with your entitlement to EndpointSecurity that you’ve been granted by Apple is that correct?
s
Stefano Bonicatti
06/06/2022, 10:02 AMThis would be a question for #C01DXJL16D8, although it’s described in their readme https://github.com/fleetdm/fleet/tree/main/orbit
Stefano Bonicatti
06/06/2022, 10:05 AMI’m not sure how they fully handle things but I would say that if they are re-doing packages, those definitely need to be signed and notarized.
Stefano Bonicatti
06/06/2022, 10:05 AMWhich is needed to have endpoint security
m
Mystery Incorporated
06/06/2022, 10:07 AMThanks yea they mention the ability for me to sign and notirize but I wasn't sure if that's just for the installer and the binary istelf is already signed or what? I am unfamiliar with how that process works
m
Mike Myers
06/06/2022, 6:50 PMThe signing process involves the pkg installer and everything inside it, so there is signing at both layers of the package. I guess what Fleet allows here is best asked in #C01DXJL16D8
s
sharvil
06/08/2022, 1:17 PMDidn’t see this, added the details here
https://osquery.slack.com/archives/C01DXJL16D8/p1654519649024239?thread_ts=1654428434.099379&cid=C01DXJL16D8
👍 2
2 Views