Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to allow Python.app to firewall on Mac OS X?

When I run a python application on Mac, it shows many dialogs about want "Python.app" to accept incoming network connections.

Even I Allow it many times, it shows again and again.

How to allow it one time and not show any more?

enter image description here


Edit

I found this question: Add Python to OS X Firewall Options?

I followed the accepted answer to do but finally when I run codesign -s "My Signing Identity" -f $(which python), it said:

/usr/bin/python: replacing existing signature
error: /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/codesign_allocate: can't create output file: /usr/bin/python.cstemp (Operation not permitted)
/usr/bin/python: the codesign_allocate helper tool cannot be found or used

How to do next?

like image 378
ithelloworld Avatar asked Jan 13 '16 06:01

ithelloworld


People also ask

How do I allow an app through my firewall Mac?

Set firewall access for services and appsClick Firewall Options. If the Firewall Options button is disabled, first click Turn On Firewall to turn on the firewall for your Mac. Click the Add button under the list of services, then select the services or apps you want to add.

How do I know if my firewall is blocking a port Mac?

On a Mac computer (earlier than macOS 11 Big Sur)Type "Network Utility" in the search field and select Network Utility. Select Port Scan, enter an IP address or hostname in the text field, and specify a port range. Click Scan to begin the test. If a TCP port is open, it will be displayed here.

Should a Mac have a firewall?

But if you use a laptop and hop onto untrusted networks frequently, you should enable the firewall. macOS also includes an assortment of shared network services to remotely access your content. If you keep those services enabled or use third-party apps, that could make your Mac vulnerable to a network attack.


1 Answers

With the OS X firewall enabled, you can remove the "Do you want the application "python" to accept incoming network connections?" message.

Create a self-signed certificate.

Open Keychain Access. Applications > Utilities > Keychain Access.
Keychain Access menu > Certificate Assistant > Create a Certificate...
Enter a Name like "My Certificate".
Select Identity Type: Self Signed Root
Select Certificate Type: Code Signing
Check the Let me override defaults box
Click Continue
Enter a unique Serial Number
Enter 7300 for Validity Period.
Click Continue
Click Continue for the rest of the dialogs
Now sign your application

  codesign -s "My Certificate" -f $(which python)

In the dialog that appears, click "Allow".

Note that when using a virtual environment, you need to activate the virtual environment before running this command.
like image 163
Prasad Avatar answered Oct 21 '22 10:10

Prasad