Comment by circularfoyers

4 years ago

Don't Linux distros accomplish these checks with GPG key signing, which doesn't need to phone home?

Does it ensure the executable you downloaded and granted access to is still the same and was not modified afterwards?

Another reason is that if a cert (or a cert in the chain) is known to be compromised it can be revoked—would the mechanism used on Linux give some equivalent of that, or one has to rely on bug trackers or apply updates to ensure trusted signatures are up-to-date?

The binaries you get from your upstream repositories are signed, but they aren't verified after that. On macOS, if you download vagrant and grant it the ability to read your project directory, I can't overwrite or modify your binary without it tripping the system and losing those privileges.