[MlMt] “Notarized” test release of MailMate
Patrik Fältström
paf at frobbit.se
Tue Mar 26 05:08:59 EDT 2019
Benny, thanks for this. I understand there might be a rough ride for a while although given your quality of work I do not see that as a high risk. :-) In general, more developers should go down the path you do.
Thanks!
Patrik
P.S. And thanks for the pointers to documentation about it!
On 25 Mar 2019, at 15:27, Benny Kjær Nielsen wrote:
> Hi MailMate users,
>
> the latest test release of MailMate is the first one which has a so-called “hardened runtime”. This allows it to be notarized by Apple resulting in the following to be shown when new users open MailMate for the first time:
>
> ![](cid:F4BB4190-6CF2-45AD-BABA-A4E43183D58C at freron.com "Screenshot 2019-03-25 at 14.04.17.png")
>
> (The usual one has a yellow warning triangle.)
>
> Apple writes about notarization [here](https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution), but it's written for developers. Most users just need to know that notarization means that before each release I upload a copy to Apple. They make some automated checks and report back when it has been accepted/rejected.
>
> The hardened runtime means that MailMate cannot access resources for which I have not explicitly requested MailMate to be able to access. For example, MailMate can no longer, in any way, access the camera, because I have not requested such access in the so-called list of entitlements. For now, MailMate only requests access to Contacts, Calendar, and AppleScript. The user is still explicitly asked about access and access can be declined by the user (just like before).
>
> Most of the above is only relevant on Mojave.
>
> Now, MailMate is a complex beast and it's very likely I've made mistakes. I have also not tested that it does not break anything on macOS releases before Mojave (in theory, it shouldn't be a problem...).
>
> In case of any issues, the last test release without the hardened runtime can be fetched here: http://updates.mailmate-app.com/archives/MailMate_r5620.tbz
>
> And yes, I will hopefully soon get around to answering mailing list emails :)
>
> --
> Benny
>
> ---
> Technical details:
>
> If you want to test this from scratch then you need to explicitly download MailMate here: http://updates.mailmate-app.com/archives/MailMate_r5622.tbz
>
> You also need to reset existing MailMate permissions like this:
>
> tccutil reset All com.freron.MailMate
>
> (This affects what you see in the “Security & Privacy ▸ Privacy” pane of System Preferences.)
> _______________________________________________
> mailmate mailing list
> mailmate at lists.freron.com
> https://lists.freron.com/listinfo/mailmate
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20190326/cf23218e/attachment.sig>
More information about the mailmate
mailing list