unsigned kexts on Yosemite

Ryan Schmidt ryandesign at macports.org
Fri Oct 24 19:00:58 PDT 2014


On Oct 24, 2014, at 8:12 PM, Landon J Fuller wrote:

> On Oct 24, 2014, at 5:03 PM, Ryan Schmidt wrote:
> 
>> There's most certainly a difference in the potential for damage from bad kernel code vs. bad user code. One can cause a kernel panic; the other can’t.
> 
> If you figure out how signing fixes panic-causing driver bugs, please let me know, because it doesn’t seem to be working for my own — properly-signed — kext code :-)

Sigh.


> I agree that a kext requires a higher degree of trust, I just don’t think a single-vendor signing regime is a net win for users.

But that's what Apple's policy in Yosemite seems to be, and it has typically been MacPorts strategy to attempt to adopt whatever policy changes Apple makes as best we can.



More information about the macports-dev mailing list