On 2013-10-15 02:20:49 +0000, "deadalnix" <deadal...@gmail.com> said:
Also, what are the calls required to implement page protection and COW
on posix? I'd like to check whether those are allowed within the OS X
and iOS sandbox. For instance fork() isn't allowed for sandboxed apps.
You need mmap, mprotect and all the signal handling machinery.
mprotect is the one I'm worried about, as it lets you set the
executable bit (among other things) which could be exploited to run
arbitrary code. So I tested it and it seems to work fine on OS X inside
the sandbox (including for setting the executable bit). I guess an
executable with a reference to mprotect would probably also pass
Apple's Mac App Store validation, but I haven't tested.
mprotect isn't available at all with the iOS SDK. So making this
collector work on iOS (and the iOS Simulator) would require a different
codegen.
--
Michel Fortin
michel.for...@michelf.ca
http://michelf.ca
