Yeah, and, after talking to the sandbox gurus at Apple last night it's pretty clear that sandboxing is fairly monomaniacal in its focus: It just wants to deny things. It doesn't want to hide, redirect or otherwise interpose filesystem / other operations, and given all of the complexities inherent in the other approaches, that makes sense. Rats. It would have been so much simpler if we could have figured out how to piggy-back on sandboxing.
I'm about to jump on a plane for a long trip. Let me think about this for awhile in my seat. :) - Jordan On Sep 26, 2012, at 11:30 PM, Clemens Lang <[email protected]> wrote: > while that would help, hiding directories is not enough. The same > problem breaks the currently implemented trace mode, because autoconf > reads the contents of $prefix/share/aclocal/ and tries to open every > file in there, aborting if the file doesn't exist of permission was > denied. > > I've been working on overloading __getdirentries64 and setting the inode > of the files where access should be denied to 0. I'm not sure this would > satisfy the requirements of the sandboxing, though (attackers could > still find out the file exists/existed).
_______________________________________________ macports-dev mailing list [email protected] http://lists.macosforge.org/mailman/listinfo/macports-dev
