I’m almost done with my deeper review of the firewall, but discovered something ugly in the process of podcasting and firewall testing.

If you enable the firewall in the “Set access for specific services and applications” mode, Leopard digitally signs applications on launch that aren’t already signed via Apple’s mechanism.

If that application happens to change during runtime, as Skype seems to, the signature no longer matches and the application won’t run. There are no dialogs or warnings- the icon just dances on the dock for a few bounces then disappears.

I went to podcast last night and had this happen. Reinstalling it fixed the problem, but then it hit again today. I looked in my console and saw the following:

Nov 1 16:09:34 CrashBook [0x0-0x27027].com.skype.skype[387]: Check 1 failed. Can’t run Skype

Googling that error returns some threads in Skype forums that indicate this is a known issue related to the firewall and code signing.

A reinstall fixes it, but this is, obviously, a bit of a problem.

I’m somewhat surprised this hasn’t made the rounds yet.