[MacPorts] #66358: sip-workaround no longer works on macOS 13 Ventura due to new security features
MacPorts
noreply at macports.org
Wed Apr 12 09:30:29 UTC 2023
#66358: sip-workaround no longer works on macOS 13 Ventura due to new security
features
-------------------------+---------------------
Reporter: reneeotten | Owner: (none)
Type: defect | Status: new
Priority: Normal | Milestone:
Component: base | Version:
Resolution: | Keywords: ventura
Port: |
-------------------------+---------------------
Comment (by neverpanic):
Just for completeness, there are also solutions out there that use an
Endpoint Security entitlement to interpose processes before they are
started to patch the {{{amfi_check_dyld_policy_self}}} syscall from the
binary before the loader has a chance to call it (see
https://gist.github.com/saagarjha/a70d44951cb72f82efee3317d80ac07f), but
that probably requires disabling SIP. If all else fails, that's probably
something we could do on a copy of the binaries from /usr/bin, too,
although it would look a bit different for us since we wouldn't be
patching in memory but essentially doing what would be called a GOT hijack
on Linux.
--
Ticket URL: <https://trac.macports.org/ticket/66358#comment:28>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list