tags:

views:

194

answers:

1
+1  Q: 

unknown publisher warning on unique downloads

We have an exe file delivered by an ASP.NET application. This binary is actually modified on the fly in memory. Is there any way to sign the modified exe with authenticode in memory without writing to disk? There's probably no way to sign the original exe and still keep the signature valid after modification. We thought about using ram disk to help on disk i/o if we have to, but just wondering if there are any other options.

The problem is really how to get rid of the unknown publisher warning. So if there is any other way that does not involve signing or changing policy settings on the client's computer, please let me know as well.

A: 

I don't know the answer to this offhand, but I've seen it done by Just Great Software. They make customized installers for RegexBuddy and every time I've downloaded mine it's got its signature.

I'm curious though - why don't you want to persist the file to disk? You don't need to leave it there - persist it, sign it, load it back into memory and delete it. Or, persist it, and have an agent or cron job delete it after a couple days.

Rob  2009-06-26 16:42:14
It is actually what we're going to do. Just worried about disk I/O if there are too many concurrent users.
elan  2009-06-26 16:45:35

related questions

How do I sign a VSTO deployment?
Generic approach for signing non-PE files
Code Signing (Microsoft Authenticode)
Get timestamp from Authenticode Signed files in .NET
Verifying authenticode signature upon execution of .NET app
How can I verify signature of a Powershell .ps1 script using C#?
How can I sign an ActiveX control with a code signing certificate and be a verified publisher?
How do I use signtool.exe correctly in hudson running as a service?
When/why does Internet Explorer block installation of a (signed) ActiveX control?
Software Publisher Certificates and Strong Name Keys are they related?
Find out if assembly is signed with Authenticode
What happened to signwizard in signtool of Windows SDK 7.0?
How to sign installation files of a Visual Studio .msi
Preventing executables with invalid Authenticode signatures from running
How to define TeamBuild Item Collection with built executables and libraries
Cryptographic failure while signing assembly '<assemblyname>.dll' – 'Bad Version of Provider'
Sign every executable with authenticode certificate through MSBuild
MSI - Uninstall gives "Unidentified Publisher"
How do I set the http proxy in a subshell launched from a windows service
Which code signing authority should I go with?
How to verify a binary signed with a self-signed certificate?
CAPICOM - Verify SignedCode is from a Trusted Publisher without UI
Validate Authenticode signature on EXE - C++ without CAPICOM
Disabling authenticode signature verification in .NET exe without app.config