OSX Firewall is pedantic with unsigned executables #199
Comments
|
Essentially, if I install node via the installer on nodejs.org, I can start a server in node without the OSX firewall complaining. If I use If it is possible for |
I do not know what this means. I'm not sure why your OS would complain unless you're trying to bind to a privileged port, such as port 80, which you should never, ever do with node.js for any reason. If you can give me more info about what change is needed in the |
|
It's a new feature in OSX. If the firewall is turned on, it will prompt for each binary that tries to bind a port. If the binary is signed, it remember the rule. If the binary is unsigned, it asks each time. Doesn't need to be a privileged port. Here is a code sample that triggers the behavior. var http = require('http');
var server = http.createServer(function(req,res){
res.writeHead(200,'text/plain');
res.end('hello world');
});
server.listen(9999);Here's some bash code to get at the nodejs files packed in the OSX installer # expand the pkg file
pkgutil --expand node-v0.10.31.pkg /tmp/node-v0.10.31
# get at local.pkg which is the nodejs archive
cd /tmp/node-v0.10.31/local.pkg/
# gunzip and pipe to cpio
cat Payload | gzip -d | cpio -id
# payload has same directory structure as tarballAssumptions: |
|
I will submit a PR. |
Mac os's firewall can be a pain when unsigned binaries want to listen to ports (privileged or not) and will not remember firewall permissions for the unsigned binary. This commit addresses the issue by downloading the `.pkg` file from nodejs.org and unpacking it.
Is it possible to grab signed binaries so the OSX firewall won't freak out every time an app tries to listen as a server? The installer served by nodejs.org include signed binaries, while the binaries in the binary archives are not signed.
Not sure if this is an issue with n or if joyent needs to fix this.
The text was updated successfully, but these errors were encountered: