Y
Hacker News
new
|
ask
|
show
|
jobs
by
cjbprime
2512 days ago
I think you need OS codesigning integration for this threat model. Otherwise whatever special app runtime check code you add just gets removed by the malicious overwrite of your app code.
1 comments
some_furry
2512 days ago
I'm just doing this for secure updates, so that malware doesn't get delivered through the update mechanism. For precedent, see
https://core.trac.wordpress.org/ticket/39309
It isn't meant to mitigate a compromised endpoint.
link
It isn't meant to mitigate a compromised endpoint.