Security Documentation


#1

I work in a relatively high security environment mostly using a security hardened macbook pro. I'd really like to use BTT on my hardened macbook, where all the software is vetted and approved. I know there is documentation about the usage of the accessibility API, and the package is signed, but is there documentation about the security of the software as a whole? If not, I imagine having this available would be useful to others as well.

What I would be looking for is mostly security controls around the development, build, signing, and packaging. What controls are in place to make sure source code isn't modified by an untrusted party? What controls are in place to make sure the build system is secure up until the package is signed?