Comment on What is a SIP protected binary
I have seen this sentence in a training. But there are no more details and I do not agree with this sentence. To me, a binary can't be SIP protected. Some folders can be SIP protected but not the binary itself. I would like to know if I am wrong. Thanks
Topic: Code Signing SubTopic: Entitlements Tags:
Oct ’23
Comment on Why TCC allows file write
Thanks for your answer. I think I have an older version of Arduino so the behaviour is not the same, I am sorry. Let's take another example with Terminal: open System Settings/Privacy & Security/Files and Folders; uncheck Terminal for the Documents folder; close Terminal and relaunch it; try to type "cd Documents", then "ls" -> you will get an error. This is normal because of TCC; now try to type "touch Documents/foo" -> it works
Topic: App & System Services SubTopic: Core OS Tags:
Oct ’23
Comment on Where does macOS store file open intent paths ? (TCC)
Thanks, but is there a way to "reset" all intents?
Topic: Privacy & Security SubTopic: General Tags:
May ’24
Comment on Access Desktop folder from appstore macOS application (sandboxed)
It does not work for sandboxed/App Store applications...
Topic: Code Signing SubTopic: Entitlements Tags:
Apr ’24
Comment on Access Desktop folder from appstore macOS application (sandboxed)
And do you know how endpoint security solutions on the App Store can obtain full disk access? Thanks
Topic: Code Signing SubTopic: Entitlements Tags:
Apr ’24
Comment on Access Desktop folder from appstore macOS application (sandboxed)
I agree, but you can try to install Parallels Desktop for macOS from the App Store, for example. You will see on first run a TCC prompt to access the Download (or Desktop) folder. How can they do that? There is no NSOpenPanel dialog
Topic: Code Signing SubTopic: Entitlements Tags:
Apr ’24
Comment on Hooks with mandatory access control framework
What I've is it will be very hard for an endpoint security software editor to create kernel extensions (kext). Do you agree we need to create a kext when working with ES? Or is there a way to create hooks without writing a custom kext? Thanks
Topic: Privacy & Security SubTopic: General Tags:
Dec ’23
Comment on Write in /System folder on macOS Sonoma
As I said I know this is not a good practice. I would like to know how I can do that on Sonoma... Thanks anyway
Topic: App & System Services SubTopic: Core OS Tags:
Dec ’23
Comment on Load a library with LC_LOAD_DYLIB instead of LC_LOAD_WEAK_DYLIB
Here is my gcc version: Apple clang version 15.0.0 (clang-1500.0.40.1). How can I do LC_LOAD_DYLIB linking instead of LC_LOAD_WEAK_DYLIB with this version of gcc? Thanks
Topic: App & System Services SubTopic: Core OS Tags:
Nov ’23
Comment on Create a suspended thread
Because I want to comply with Apple standards ;)
Nov ’23
Comment on Debug a process by hand from a c program on an Apple Silicon CPU
Thanks a lot. I have read a ton of documentation since yesterday. I have understood Mach APIs. There is one more thing I need: I am able to add/remove a hardware breakpoint with thread_set_state but I am not able to let the program continue, even with thread_resume. Any idea?
Nov ’23
Comment on Debug a process by hand from a c program on an Apple Silicon CPU
Thanks for your answer. In fact, I want to know how a debugger does this. I have inspected the lldb source code but I did not find...
Nov ’23
Comment on Bypass ASLR for debugging purposes
@eskimo my question was not about PIE. I agree with you about PIE but this is not my question ;) My question is about ASLR and lldb: how lldb manages to disable ASLR for a given binary. Thanks
Topic: Privacy & Security SubTopic: General Tags:
Nov ’23
Comment on swift autorelease value-add
Thanks, but the memory pool is released too for local objects when we leave a function?
Topic: Programming Languages SubTopic: Swift Tags:
Oct ’23
Comment on Bypass ASLR for debugging purposes
Hello, on Silicon, on macOS Sonoma. Thanks
Topic: Privacy & Security SubTopic: General Tags:
Oct ’23