#Teamviewer mac security and privacy code#
For example, the TeamViewer app code signature starts with anchor apple generic and identifier "" where is the bundle id.įor the TeamViewer_Desktop binary, the identifier is "$(PRODUCT_BUNDLE_IDENTIFIER) … which looks a lot like a script variable. Normally, code signatures include a unique bundle identifier for the app / binary with the signature. However, running codesign -dr- on the binary revealed the following signature: anchor apple generic and identifier " $(PRODUCT_BUNDLE_IDENTIFIER)" and (certificate leaf /* exists */ or certificate 1 /* exists */ and certificate leaf /* exists */ and certificate leaf = H7UGFBUGV6)
To allow this access across our fleet, we had to add the path of this binary as well as its code signature to our MDM. This binary lived in the app, and per TeamViewer’s documentation indicates it cannot be added manually. As a result of macOS security changes with Privacy Preferences Policy Control (PPPC), TeamViewer had added a new binary – TeamViewer_Desktop – in order to allow remote control. New Signature: anchor apple generic and identifier " " and (certificate leaf /* exists */ or certificate 1 /* exists */ and certificate leaf /* exists */ and certificate leaf = H7UGFBUGV6)īack in October, I observed something strange with TeamViewer 14 (and TeamViewer Host).Old Signature: anchor apple generic and identifier " $(PRODUCT_BUNDLE_IDENTIFIER)" and (certificate leaf /* exists */ or certificate 1 /* exists */ and certificate leaf /* exists */ and certificate leaf = H7UGFBUGV6).New Path: /Applications/TeamViewer.app/Contents/ MacOS/TeamViewer_Desktop.Old Path: /Applications/TeamViewer.app/Contents/ Helpers/TeamViewer_Desktop.If you use MDM to manage PPPC allowances, this will need to be updated for both apps. As of version, the path to this binary has also changed. The TeamViewer_Desktop code signature has changed as of version in both TeamViewer and TeamViewer Host.
0 kommentar(er)
