From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 72973 invoked by alias); 2 Apr 2015 22:35:15 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 72957 invoked by uid 89); 2 Apr 2015 22:35:13 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-3.3 required=5.0 tests=AWL,BAYES_50,FREEMAIL_FROM,KAM_THEBAT,SPF_SOFTFAIL autolearn=no version=3.3.2 X-HELO: smtp.ht-systems.ru Received: from smtp.ht-systems.ru (HELO smtp.ht-systems.ru) (78.110.50.177) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES256-GCM-SHA384 encrypted) ESMTPS; Thu, 02 Apr 2015 22:35:12 +0000 Received: from [91.78.183.206] (helo=darkdragon.lan) by smtp.ht-systems.ru with esmtpa (Exim 4.80.1) (envelope-from ) (Authenticated sender: postmaster@rootdir.org) id 1YdnhY-0004hf-EE ; Fri, 03 Apr 2015 01:35:04 +0300 Received: from [192.168.1.10] (HELO daemon2) by daemon2 (Office Mail Server 0.8.12 build 08053101) with SMTP; Thu, 02 Apr 2015 22:22:16 -0000 Date: Thu, 02 Apr 2015 22:35:00 -0000 From: Andrey Repin Reply-To: cygwin@cygwin.com Message-ID: <721062557.20150403012215@yandex.ru> To: "David A. Wheeler" , cygwin@cygwin.com Subject: Re: Should cygwin's setup*.exe be signed using Sign Tool? In-Reply-To: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-IsSubscribed: yes X-SW-Source: 2015-04/txt/msg00056.txt.bz2 Greetings, David A. Wheeler! > Running setup*.exe produces "Publisher: Unknown publisher", and it's > doubtful that many people check the signature of the .exe file before > running. Even if they did, there's the problem that the signature comes from the same place. > Has Cygwin considered signing the installer using Sign Tool? More info: Did Microsoft made it available separately? Or is there a description of the structure of such a signature and/or a free tool that can be used to generate it? Last I checked, you have to install a metric ton of garbage to get signtool as a bonus. > https://msdn.microsoft.com/en-us/library/windows/desktop/aa387764%28v=vs.85%29.aspx > > http://blog.didierstevens.com/2008/12/31/howto-add-a-digital-signature-to-executables/ > I believe signing it this way would eliminate the "unknown publisher"; it > would also protect the many people who don't follow the current > signature-checking process. This would create a strong barrier against code subversion after release. People who don't check signature manually, won't check the credibility of the embedded signature either. And it only takes about thirty seconds to fake the lines that are visible in prompt dialogue. Been there, done that. > The signed executable could also be signed using the current process, so you > don't need to *eliminate* any capability. I can't provide a patch to do > this, obviously :-). Signing executable doesn't alter its behavior in any way, shape or form. I've had success signing executable archives. -- With best regards, Andrey Repin Friday, April 3, 2015 01:17:20 Sorry for my terrible english... -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple