[MacPorts] #66358: sip-workaround no longer works on macOS 13 Ventura due to new security features
MacPorts
noreply at macports.org
Mon Feb 13 18:39:17 UTC 2023
#66358: sip-workaround no longer works on macOS 13 Ventura due to new security
features
-------------------------+---------------------
Reporter: reneeotten | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version:
Resolution: | Keywords: ventura
Port: |
-------------------------+---------------------
Comment (by neverpanic):
Chances are this happens because the binary has a signature from Apple.
I'm guessing we will end up having to strip the Apple signature when
copying the binary, and then run the unsigned copy. This, of course, comes
with the risk of breaking some binaries that would otherwise have required
entitlements, so we probably have to skip the copy for binaries with
entitlements and just run the original binary at the expense of not having
trace mode work on those binaries.
Could anybody test this for me on a Ventura system by copying a binary
from /usr/bin to a different place, re-signing it using codesign -f -i -,
and then running it?
Trace mode also does not work on aarch64 Monterey either, although I don't
know why. It doesn't cause failures, but also does not work as expected.
--
Ticket URL: <https://trac.macports.org/ticket/66358#comment:14>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list