But the moment the user modifies something in the image and saves it, you've invalidated the signature. So signing and verifying the whole image probably won't work.
What do you think of launching images from a trusted image via OSProcess?
Immediately after saving an image, a hash for its .image file contents is computed. This hash is stored in a secure place (i.e., your keyring or sealed in a Capability). Later, to launch that saved image, you use a "SecureLauncher" class from your trusted image. SecureLauncher computes the hash of the .image you want to launch and looks for that specific hash on your keyring. If its not there, a Warning or Error is signaled..
cryptography@lists.squeakfoundation.org