Well, I am glad I didn’t create havoc on your machine, and I hope I have not created havoc on somebody elses machines as well.
If they do it on the original, I hope it is possible to restore a copy with Time Machine, I have really no idea about how codesigning, or sandboxing works!
I’ll be very cautious about informing about what version of the operating system I am dealing with, and that people do this on their own when they are operating on later versions for the future!
The described tip is OK with Lion but, at least for me, it’s not with Mountain Lion.
I guess that the fact that it worked with Lion was the result of an error in the code because if I understand well, code signing is designed to prohibit changes in the applications.
The system can’t make the difference between a change made by a malware and change made by the user which may be an unauthorized one which found the required key(s).
On my side, before trying to edit something in an app, I zip it to keed a clean copy.
Yvan KOENIG (VALLAURIS, France) dimanche 2 septembre 2012 20:48:54
It’s not code-signing that checks for changes, it’s when something checks the code-signing. You can sign a script app and modify it, and it will still run fine, because there’s no code in it that actually checks the code-signing – it’s only checked by the OS on installation (and if/when it uses the keychain).
In the case of Preview, I suspect that checking is happening because it now uses a separate process as an XPC service.