On Sunday June 09 2024 21:10:47 Clemens Lang wrote: >With SIP disabled, one can add a kernel boot argument to allow user >space to use Apple's ABI with pointer authentication, which would allow >building a copy of tracelib that works on those binaries.
I have no idea what you just said, but it seems I wasn't wrong that Apple wouldn't stop at SIP to lock us out. >Additionally, attempting to inject those binaries causes the program to >be killed by the kernel, i.e., things break. I thought that trace mode was to check that ports declare all the required dependencies that need to be installed (i.e. through MacPorts). >Many Unix operating systems, including macOS, do not actually care about >file permissions when you are root: Yeah, I tend to forget that. At some point I'll probably have a closer look exactly how the rev-upgrade scanner handles files. If it simply builds a list of all dependencies that should be available it might be possible to implement a blacklist feature. R.
