[OpenAFS-port-darwin] Gatekeeper and OpenAFS
D Brashear
shadow@gmail.com
Thu, 25 Sep 2014 12:13:00 -0400
--001a11c2eea61259cd0503e61345
Content-Type: text/plain; charset=UTF-8
rdar://15927187 gatekeeper quarantine is broken on filesystems where xattr
is emulated
On Thu, Sep 25, 2014 at 11:51 AM, Jeffrey Altman <
jaltman@secure-endpoints.com> wrote:
> On 9/25/2014 11:45 AM, Matt Haught wrote:
> > I am wondering if anyone else using 10.9.5 and openafs has had
> > problems with files claiming to be damaged when trying to open them
> > from their afs space in Finder. A file will open the first time and
> > then fail the second with the file corrupted error. It happened
> > sporadically until the latest release where it occurred with ease.
> >
> > OSX creates a resource fork file starting with ._ for files. When we
> > get this error, deleting the corresponding ._filename.ext from the
> > Terminal will allow the file to be opened once again from Finder, only
> > to fail the next time.
> >
> > The only way I have figured out how to get around this is to switch
> > the gatekeeper Security preferences for "Allow apps downloaded from:"
> > to "Anywhere" ( spctl --master-disable ).
> >
> > Anyone else seeing this? Know why this is occurring?
> >
> > Thanks,
> > Matt Haught
> > North Carolina State University
>
>
> Matt,
>
> This is an Apple bug. AFS does not support extended attributes. OSX
> supports extended attributes in file systems that do not have native
> support via use of the dot-underscore files but OSX does not trust the
> dot-underscore files for security information.
>
> Jeffrey Altman
>
>
>
--
D
--001a11c2eea61259cd0503e61345
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">rdar://15927187 gatekeeper quarantine is broken on filesys=
tems where xattr is emulated<div><div class=3D"gmail_extra"><br><div class=
=3D"gmail_quote">On Thu, Sep 25, 2014 at 11:51 AM, Jeffrey Altman <span dir=
=3D"ltr"><<a href=3D"mailto:jaltman@secure-endpoints.com" target=3D"_bla=
nk">jaltman@secure-endpoints.com</a>></span> wrote:<br><blockquote class=
=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rg=
b(204,204,204);padding-left:1ex"><span>On 9/25/2014 11:45 AM, Matt Haught w=
rote:<br>
> I am wondering if anyone else using 10.9.5 and openafs has had<br>
> problems with files claiming to be damaged when trying to open them<br=
>
> from their afs space in Finder.=C2=A0 A file will open the first time =
and<br>
> then fail the second with the file corrupted error. It happened<br>
> sporadically until the latest release where it occurred with ease.<br>
><br>
> OSX creates a resource fork file starting with ._ for files. When we<b=
r>
> get this error, deleting the corresponding ._filename.ext from the<br>
> Terminal will allow the file to be opened once again from Finder, only=
<br>
> to fail the next time.<br>
><br>
> The only way I have figured out how to get around this is to switch<br=
>
> the gatekeeper Security preferences for "Allow apps downloaded fr=
om:"<br>
> to "Anywhere" ( spctl --master-disable ).<br>
><br>
> Anyone else seeing this? Know why this is occurring?<br>
><br>
> Thanks,<br>
> Matt Haught<br>
> North Carolina State University<br>
<br>
<br>
</span>Matt,<br>
<br>
This is an Apple bug.=C2=A0 AFS does not support extended attributes.=C2=A0=
OSX<br>
supports extended attributes in file systems that do not have native<br>
support via use of the dot-underscore files but OSX does not trust the<br>
dot-underscore files for security information.<br>
<span><font color=3D"#888888"><br>
Jeffrey Altman<br>
<br>
<br>
</font></span></blockquote></div><br><br clear=3D"all"><br>-- <br><div dir=
=3D"ltr">D</div>
</div></div></div>
--001a11c2eea61259cd0503e61345--