rev-upgrade and checking for +universal dependencies (and build dependencies)
René J.V. Bertin
rjvbertin at gmail.com
Mon Jun 10 09:42:48 UTC 2024
On Sunday June 09 2024 21:10:47 Clemens Lang wrote:
>With SIP disabled, one can add a kernel boot argument to allow user
>space to use Apple's ABI with pointer authentication, which would allow
>building a copy of tracelib that works on those binaries.
I have no idea what you just said, but it seems I wasn't wrong that Apple wouldn't stop at SIP to lock us out.
>Additionally, attempting to inject those binaries causes the program to
>be killed by the kernel, i.e., things break.
I thought that trace mode was to check that ports declare all the required dependencies that need to be installed (i.e. through MacPorts).
>Many Unix operating systems, including macOS, do not actually care about
>file permissions when you are root:
Yeah, I tend to forget that.
At some point I'll probably have a closer look exactly how the rev-upgrade scanner handles files. If it simply builds a list of all dependencies that should be available it might be possible to implement a blacklist feature.
R.
More information about the macports-dev
mailing list