Title
#macos
Mystery Incorporated

Mystery Incorporated

06/06/2022, 8:05 AM
I assume that the package is built from source and therefore not signed with your entitlement to EndpointSecurity that you’ve been granted by Apple is that correct?
Stefano Bonicatti

Stefano Bonicatti

06/06/2022, 10:02 AM
This would be a question for #fleet, although it’s described in their readme https://github.com/fleetdm/fleet/tree/main/orbit
10:05 AM
I’m not sure how they fully handle things but I would say that if they are re-doing packages, those definitely need to be signed and notarized.
10:05 AM
Which is needed to have endpoint security
Mystery Incorporated

Mystery Incorporated

06/06/2022, 10:07 AM
Thanks yea they mention the ability for me to sign and notirize but I wasn't sure if that's just for the installer and the binary istelf is already signed or what? I am unfamiliar with how that process works
Mike Myers

Mike Myers

06/06/2022, 6:50 PM
The signing process involves the pkg installer and everything inside it, so there is signing at both layers of the package. I guess what Fleet allows here is best asked in #fleet