Executable files can (and should be!) digitally signed. Without a digital signature you can never be sure the files on your hard disk have not been tampered with. There is really no exception to this rule, except maybe smaller open source projects that lack the budget to buy the digital certificate required for signing. Digitally signing executable files is so important that Microsoft made it a requirement in the Windows 7 Logo Program. One might think that such a simple yet important thing as signed executables can be taken for granted by now. Well, let’s have a look!
Finding the Black Sheep
I have written a simple batch script that scans a given directory tree for files of a certain type and checks each matching file for a valid digital signature. The script can be downloaded, but here it is in all its beauty:
On the machine I am writing this, the script found 702 unsigned DLLs in the 32-bit program files folder alone. 702!! And most of them not by some open source project but by Microsoft, Citrix, VMWare, Adobe, Sun (Java)… Of course, I have the latest versions installed, so the lack of signatures is not due to me using dated software written in the stone age of computing.
What does my spot check tell us? Security does not seem to be taken seriously enough even by the largest software manufacturers. But unless every executable file is signed, policies blocking unsigned files cannot be put into effect. It looks like it might take some more years before digital signatures can be a truly powerful tool.
The following file types are considered executable files in the Windows 7 Logo Technical Requirements document: EXE, DLL, OCX, SYS, CPL, DRV, SCR. The document states that all executables must be signed with an Authenticode certificate, but leaves a loophole:
“Waivers will be considered only for unsigned third-party redistributables. A proof of communication to request a signed version of the redistributable(s) is required for this waiver to be granted.“
A Boolean value that indicates whether the app may create writable and executable memory without the restrictions imposed by using the MAP _JIT flag.
In rare cases, an app might need to overr > NSCreate Object File Image From Memory (which is fundamentally insecure), or use the DVDPlayback framework. Add the Allow Unsigned Executable Memory Entitlement to enable these use cases. Otherwise, the app might crash or behave in unexpected ways.
Including this entitlement exposes your app to common vulnerabilities in memory-unsafe code languages. Carefully consider whether your app needs this exception.
To add the entitlement to your app, first enable the Hardened Runtime capability in Xcode, and then under Runtime Exceptions, select Allow Unsigned Executable Memory.
You see the following security warning each time you update Land F/X and restart CAD:
Security – Unsigned Executable File: The publisher of this executable file could not be verified and the file is not located in a trusted folder.
This warning might appear up to three times in a row when you restart CAD, and you might see any of the following files listed as untrusted: acad.dll, LandFX.mnl, and/or LandFX.vlx.
You’re most likely seeing this warning because:
- You have the SECURELOAD system variable set to a value of 1, AND
- AutoCAD is treating any or all of the executable files required for Land F/X to load (the three files listed above) as files in untrusted locations.
About the SECURELOAD setting
The SECURELOAD system variable determines whether or not AutoCAD loads executable files, such as those required for Land F/X to function.
SECURELOAD can be set to any of the following values:
- 0: Executable files will load from any location, and you won’t see the warning message pictured above.
- 1: Executable files will only load if they’re in a location that’s included in your Trusted Paths, and you’ll see the security warning pictured above when an executable file isn’t able to load.
- 2: Executable files will only load if they’re in a location that’s included in your AutoCAD Trusted Paths. With the 2 setting, you won’t see the warning – executable files such as ours just won’t load. (You might see an Unknown command or No function definition error message when Land F/X is unable to load.)
The simplest way to address any of these issues (at the very least, as an initial troubleshooting step) is to set SECURELOAD to .
1. Type SECURELOAD in the Command line and press Enter. When prompted to enter a value, type 0 .
2. Restart AutoCAD or F/X CAD. You shouldn’t see the security warning.
3. Click any Land F/X tool. What happens now?
- The tool works just fine, and you don’t see an error message:Setting SECURELOAD to resolved the issue. Are you OK with keeping SECURELOAD at ?
- Yes:You’ve resolved the issue and can go back to work. (Note: We see no issue with keeping SECURELOAD set at .)
- No, it’s not an option.
Is keeping SECURELOAD set to 0 not an option for you? Here’s what to do.
As long as Land F/X is able to load – that is, you’re not seeing an Unknown command or No function definition error – you should be able to keep SECURELOAD set to without issue. (It’s our default setting with F/X CAD, in fact.)
However, your office may require you to have SECURELOAD enabled (that is, set to 1 or 2), or you may just not want to have it set to . If that’s the case, you’ll need to take a few extra steps each time you update Land F/X or move your LandFX folder:
1. For now, set SECURELOAD to 1.
2. Copy the following text: C:Program FilesLandfx\_menus_…
Take care to copy the ellipses (. ) at the end of that line of text.
3. You should see the security warning again.
- The file name that appears next to the word Name. (It will likely be one of the following files: acad.dll, LandFX.mnl, and/or LandFX.vlx.)
- The folder path that appears next to the word Location.
4. Type TRUSTEDPATHS into the AutoCAD Command line and press Enter.
5. When prompted to enter a value, paste the copied text from Step 2 and press Enter.
6. Restart CAD. What happens now?
You don’t see a security warning or error message. You’ve successfully added Land F/X to your trusted paths.
If you have SECURELOAD set to anything other than 0, you may need to add paths manually to your Trusted Paths in order to get Land F/X to load and update without issue. You’ll have some added protection against untrusted sites, but you’ll also need to repeat these steps each time you upgrade AutoCAD or move your LandFX folder to a new location.