- secdebug("codesign", "does not withstand strict scrutiny; ask the user");
- QueryCodeCheck query;
- query.inferHints(process);
- if (!query(verifier.path().c_str())) {
- secdebug("codesign", "user declined equivalence: cancel the access");
- CssmError::throwMe(CSSM_ERRCODE_USER_CANCELED);
- }
- RefPointer<OSXCode> wrap = new OSXCodeWrap(code);
- RefPointer<AclSubject> subject = new CodeSignatureAclSubject(OSXVerifier(wrap));
- SecurityServerAcl::addToStandardACL(context, subject);
- return noErr;