Romanitho / Winget-AutoUpdate

WAU daily updates apps as system and notify connected users. (Allowlist and Blocklist support)
MIT License

[Feature Request]: code signing (yes, again) #687

Open mrkazoodle opened 2 months ago

mrkazoodle commented 2 months ago

The request

Hi,

Please look into code signing again.

There is a Linux Foundation project for code signing: https://www.sigstore.dev/

Here's the announcement on Google's security blog a couple of years ago: https://security.googleblog.com/2021/03/introducing-sigstore-easy-code-signing.html?m=1

There are some big companies backing this project, and they aim to be the Let's Encrypt for code signing, so it seems to me like a real opportunity to finally add this much-requested feature.

Thanks in advance

Is your feature request related to a problem?

No response

Additional information

No response

github-actions[bot] commented 1 month ago

This issue is stale because it has been open for 30 days with no activity.

mrkazoodle commented 1 month ago

Hi,

I'm glad the response was not an immediate no, but no response at all is not very positive either... 😐

Romanitho commented 1 month ago

Hi,

We are not against code signing. But it is not our priority :/

mrkazoodle commented 1 month ago

Hi, I understand it doesn't add any functionality, but probably this would help with antiviruses: we use Avast (Business), and it doesn't like it. This was also probably the reason that a fork existed for Intune. Probably it is better when using AppLocker, to only run signed code (we're not using that yet, but planning to).

AndrewDemski-ad-gmail-com commented 3 weeks ago

Hi, AppLocker does not mind if a script file is signed using an approved cert or approved by file hash. However, setting your security levels too high may break a PowerShell-based tool such as this one.

Please do not start by limiting the language mode. That will basically castrate your Helpdesk, IT-Ops and scripted solutions you may not know you have in your company. That will be the worst kind of ice-bucket challenge you can think of.

You've been warned. Good luck.