将Python添加到OS X防火墙选项？ [英] Add Python to OS X Firewall Options?

问题描述

通常，当我在MacBook（OS X 10.8.5）上启动Django开发Web服务器时，我会收到一个弹出窗口，表示您希望应用程序的python是否接受传入的网络连接？我总是点击允许，我可以在我的安全&隐私设置python在那里，并设置为允许传入连接，但我仍然得到这个弹出窗口。有没有额外的步骤，以防止这个弹出窗口重新出现？

谢谢。

解决方案

您可以通过自己签署有罪的应用程序二进制来解决此问题。

 免责声明：自己签名申请使应用程序出现更多的
安全的操作系统，实际上它不是。只有签署应用程序
，您100％肯定不是间谍软件或其他恶意程序。如果你有任何
的疑虑，只需卸载/重新安装。 
  

第1部分：创建签名身份

我要处理的解决方案 - 自己签名应用程序 - 要求我创建一个签名身份，也称为签名证书。这很容易做到：

1. 打开应用程序>实用程序>钥匙串访问。


2. 从钥匙扣访问菜单，选择证书助理>创建证书。


3. 填写证书的名称。该名称作为证书的名称显示在Keychain Access实用程序中。这也是您在引用此证书时将使用的名称。个人来说，我使用了我的签名身份。


4. 从证书类型菜单中选择代码签名


5. 从键入弹出菜单。


6. 检查让我覆盖默认值复选框。


7. 单击继续。


8. 证书的序列号。只要您没有其他同名和序列号的证书，任何号码都可以。


9. 单击继续。


10. 填写信息证书。


11. 单击继续。


12. 接受其余对话框的默认值。 / li>
    

一旦完成，您将在钥匙串访问中看到您的证书。验证您选择的名称，并完成此步骤。完成了！

步骤2：（重新）签署您的申请

现在你必须签署你的申请。为此，再次打开终端并使用以下命令：

  codesign -s我的签名身份-f $（哪个python）
  

将出现一个对话框，点击允许。

现在再次启动您的应用程序。您最后会收到接受传入连接对话框。点击允许。

从现在开始，您不应再再收到警告！现在可以享受防火墙的安全性，无需不断点击允许的麻烦。

信用：提供的原始来源作为此更新和注释的解决方案指南的起点， https://web.archive.org/web/20140228153242/http://silvanolte.com/blog/2011/01/18/do-您想要的应用程序接受传入网络连接

Often times when I start the Django development web server on my MacBook (OS X 10.8.5), I'll get a popup window that says, "Do you want the application 'python' to accept incoming network connections?" I always click "Allow" and I can see in my Security & Privacy settings that "python" is there and is set to "Allow incoming connections," but I still get this popup. Are there additional steps I need to take to prevent this popup from reappearing?

Thanks.

解决方案

You can resolve this by signing the offending application binary yourself.

Disclaimer: Signing an application yourself will make an application appear more
secure to the operating system, when in reality it isn’t. Only sign applications
that you are 100% sure are not spyware or otherwise malicious. If you have any
doubts, just uninstall/reinstall.

Part 1: Create a Signing Identity

The solution I’m going for – signing the app myself – requires that I create a Signing Identity, also known as Signing Certificate. This is very easy to do:

1. Open Applications > Utilities > Keychain Access.
2. From the Keychain Access menu, choose Certificate Assistant > Create a Certificate.
3. Fill in a name for the certificate. This name appears in the Keychain Access utility as the name of the certificate. This is also the name you will use when referencing this certificate. Personally, I used the name, "My Signing Identity."
4. Choose Code Signing from the Certificate Type menu.
5. Choose Self Signed Root from the Type popup menu.
6. Check the Let me override defaults checkbox.
7. Click Continue.
8. Specify a serial number for the certificate. Any number will do as long as you have no other certificate with the same name and serial number.
9. Click Continue.
10. Fill in the information for the certificate. You can use real or fake data, I used real data personally.
11. Click Continue.
12. Accept the defaults for the rest of the dialogs.

Once completed, you will see your certificate in Keychain Access. Verify the name you picked, and you’re done with this step. Well done!

Step 2: (Re-)Sign your application

Now you have to sign your application. To do this, open up Terminal again and use the following command:

codesign -s "My Signing Identity" -f $(which python)

A dialog will appear, click "Allow".

Now start your application again. You will get the accept incoming connections dialog one last time. Click "Allow".

From now on you should no longer get the warnings anymore! Now it is possible to enjoy the security of your firewall being active without the inconvenience of having to click "allow" constantly.

Credit: The original source which served as a starting place for this updated and annotated solution guide was https://web.archive.org/web/20140228153242/http://silvanolte.com/blog/2011/01/18/do-you-want-the-application-to-accept-incoming-network-connections

这篇关于将Python添加到OS X防火墙选项？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！