Incomplete codesign entitlements in build distributed by Mac App Store
Originator: | dkocher | ||
Number: | rdar://37934094 | Date Originated: | February 27 2018, 10:19 AM |
Status: | Closed | Resolved: | October 22 2018, 7:40 PM |
Product: | Mac App Store | Product Version: | |
Classification: | Reproducible: | Always |
When installing from the Mac App Store, the codesign entitlements are invalid and missing several keys. Some particular entitlements key submitted are missing from the package downloaded from the store. com.apple.security.network.client: true com.apple.security.files.downloads.read-write: true com.apple.security.files.user-selected.read-write: true com.apple.security.print: true You can view all submitted entitlement keys at https://itunesconnect.apple.com/WebObjects/iTunesConnect.woa/ra/ng/app/409222199/activity/osx/builds/6.4.1/27633/details Steps to Reproduce: Install Cyberduck 6.4.1 or 6.4.2 from the Mac App Store Expected Results: Complete codesign entitlements as found as when installing from the installer package (pkg) submitted to iTunes Connect. See attachment "Installer Package Codesign Entitlements.txt" Actual Results: Incomplete codesign entitlements when installed from the Mac App Store See attachment "Mac App Store Codesign Entitlements.txt" Version/Build: Reproducible in Cyberduck 6.4.1 built with Xcode 9.2 Build version 9C40b Reproducible in Cyberduck 6.4.2 built with Xcode 8.2.1 Build version 8C1002 References: https://trac.cyberduck.io/ticket/10237 Comments
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Oct 23, 2018 at 2:40 AM
Engineering has the following feedback for you:
Thank you for you feedback. This issue has been resolved.
We are now closing this bug report.
If you have questions or comments about the resolution, please update your bug report with that information so we can respond.
The invalid processing by Apple is triggered by the line comments in the entitlements XML. Looks like someone at Apple is learning XML in production.