Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

OSX: Code-sign executable to avoid firewall warning dialog

OSX El Capitan and Go 1.6

What I want is simpler than it sounds from the title.

The OSX firewall disallows any unknown application from accepting connections. When any such program starts, the user is presented with a dialog whether or not the said executable should be permitted to receive connections. The user's choice is then remembered.

The above works fine when for example one develops with node where the actual executable is a single binary and the user just needs to allow/deny it once.

When developing in go (and any other compiled language) the created executable is different every time. Which means I get the dialog every single time I start my server.

One way to avoid this dialog is to sign the executable with a self-signed certificate one generates in OSX itself. Once we have the certificate we simply sign the executable and allow/deny it once. Code signatures are always remembered even if the executable binary changes.

So, my question is:

Is there a way to make go run the signing command before running the compiled binary?

like image 217
kliron Avatar asked Feb 27 '16 11:02

kliron


1 Answers

Even easier: start the server explicitly on localhost, like:

http.ListenAndServe("localhost:8080", nil)

I wrote a little piece on this recently:

suppressing-accept-incoming-network-connections-warnings-on-osx

like image 117
Lee Provoost Avatar answered Oct 17 '22 18:10

Lee Provoost