'Is there a way to prevent the signature removal with SignTool?
Let's say I've bought a certificate and signed my Inno Setup installer and the source files with it. Then the installer goes to users who might simply remove the signature which might be against the company's policy. Is there a way to prevent that, so the user won't be able to remove the signature?
Solution 1:[1]
An executable is a file as any other. There's nothing you can do to prevent the user from modifying a file on his/hers Windows machine any way the user likes (unless you control the machine). On Windows, the user has a full control. That's both the power and weakness of the platform.
Of course you can make it harder by having the installer itself check if it is signed (and signed with the right signature). But again, nothing prevents the user from removing the check, though it's indeed lot more difficult that just removing the signature.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 |