unsigned kexts on Yosemite
Landon J Fuller
landonf at macports.org
Fri Jun 12 14:59:35 PDT 2015
On Jun 9, 2015, at 2:42 PM, Landon Fuller <landonf at macports.org> wrote:
>>> but if that does work in Yosemite, it seems very likely to break in Yosemite+1 of OS X when they start applying additional iOS-style restrictions based on code signing entitlements + MAC.
>>
>> Which would probably render kextd patching useless too?
>
> Yep! Now we’re back to square one, with users having to disable kext signing *AND* ‘rootless’.
[Retraction] Much to my surprise, it sounds like the security vulnerabilities remain in kext signing and we might actually still be able to write a custom kext loader that works in El Capitan.
-landonf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.macosforge.org/pipermail/macports-dev/attachments/20150612/9aee72db/attachment.html>
More information about the macports-dev
mailing list