Hi,
> On 12 Jan 2017, at 23:59, Mark Hatle <mark.ha...@windriver.com> wrote: > > As far as I know pseudo and the security introduced in 10.11 that affect > preloading is likely the biggest technical problem... everything else is just > "it's not Linux”. With System Integrity Protection disabled, pseudo should still work as it did before, if that’s an acceptable step for you. If it isn’t, Apple’s new limitations can also be worked around in pseudo by hooking the exec(2) and posix_spawn(2) syscalls, checking if the binary to be executed is under system integrity protection, making a copy without the SIP-bit if it is and transparently running that copy instead. That code would need to be written, though (Let me know if you want to do that, I have the code for a different project.). It’s probably only a matter of time until Apple prevents that from working, too, though, e.g. by making some standard system tools signed binaries that no longer load preloaded libraries. HTH, Clemens -- Clemens Lang • Development Specialist BMW Car IT GmbH • Lise-Meitner-Str. 14 • 89081 Ulm • http://bmw-carit.com ------------------------------------------------------------------------- BMW Car IT GmbH Geschäftsführer: Michael Würtenberger und Alexis Trolin Sitz und Registergericht: München HRB 134810 ------------------------------------------------------------------------- -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
