#Microsoft office for mac 2011 el capitan install#
In the early vista days I remember two signed & legitimate tools that enabled users to install to install their own drivers in the windows kernel. Having rogue apps not be able to permanently damage other applications would be a pretty cool feature.
I hope they generalize the concept a bit more in the next iteration of OS X. This currently creates an A and B team among apps in the latest OS X. This means a hacker can permanently hack Chrome while not being able to do the same to Safari. Not that I’m against those being protected, but it kind of reveals the fact that other non-Apple apps would probably also like to be protected in the same manner.įor example lets say Safari is in the protected set but Chrome is not. Mail.app and Chess.app) to the files and processes protected by SIP. What personally annoys me is that Apple added certain apps (i.e. Hostile software can’t wait for any opportunity since it cannot alter the patching executable (the signature would be invalid then), and it cannot attach a debugger to it either.
(difficulty: very very hard unless you’re NSA or something)Ģ) Use some kernel exploit that allows you to execute anything This effectively only leaves two attack vectors for software:ġ) Steal the master key from Apple. Only processes that have been digitally signed with a specific key from Apple will be able to make any changes.
The concern from this is that system updates must disable this feature to install (temporarily), so if you have a bit of malware that Keeps trying to edit the root files, when it does have the opportunity to install itself, there will be no way to remove it.
0 kommentar(er)
