In Ventura are there any protections against brute force attacks on an encrypted APFS volume (not the boot volume, but the boot device)?
Post
Replies
Boosts
Views
Activity
If someone modifies a Big Sur or Monterrey boot disk and attaches it to my standard Big Sur or Monterrey machine booted from the internal will reads of the modified files succeed?
Catalina, 10.15.7, MacPro 2019 with stock video
I'm creating a Metal Buffer from NSData using newBufferWithBytes:length options:either managed OR shared.
The NSData is static.
When my compute shader tries to read the data (or when I inspect in the debugger) the data is right for 16 bytes, then wrong for 16 bytes, alternatively, for the entirety of the buffer.
Has anyone seen this?
I'm using the SSO sample code, but in ObjC.
My VirtualBox VM is running Catalina 10.15.4, Xcode 11.6.
I have a hacked together an AD server and SimpleMDM so that I can get Kerberos SSO to work -- the menu bar item for it shows up.
note -- MDM won't work until you give your VM a serial number and VirtualBox doesn't do that automatically as Parallels does
When I run my sample code I get to [authController performRequests]; and then get the "[SOAuthorization] no SPI authorization delegate" message in the logs and neither my authorization nor error delegate methods called.
I am unsure if I'm doing something wrong in my dozen lines of code or if there is something wrong in my setup.
Any suggestions?
I need to experiment with the Kerberos SSO and ASAuthorizationSingleSignOnProvider.
Is there a way to do this that doesn't involve setting up a small company with an IT department?
Ideally I'd use Catalina with OS X Server on a Parallels as my server with another Catalina install on Parallels as the client machine with a DDNS.
The OS X Server docs say I need static IPs and registered domain names. So far only my directory administrator shows up in the directory.
I haven't figured out how to do MDM yet.
Pointers appreciated.
I need to restrict operations to a single keychain file in a daemon.
This is easy to do with the legacy APIs but I can't get things to work with the SecItem API.
I can add things to the keychain file but trying to find them again isn't working with SecItem.
I get screams about not being able to open files.
Before I open a bug/feature request to enable SecItem to do this I'd like to be sure that I'm not missing something obvious.
daemon(int nochdir, int noclose) is marked as discouraged.
Will it work in straight unix ported code that doesn't use Apple libraries?
I wrestled with this discouragement in a previous life where I had to gradually shift calls to CF to one side of deamon or the other in order to prevent catastrophe.
The cost of moving to launchd as is non-trivial in this instance and I'd like to be sure it is going to be necessary before going farther down this path.
I need XPC at the beginnning of my process to get startup parameters, but after that I don't need it.I call dispatch_main so that my XPC communication can happen.After my communication through XPC has finished I call glib's main event loop to call common glib code from inside the xpc message handler.I need signal handlers to catch TERM and INT.My dispatch signal handlers get called if I don't call the glib event loop, but don't if I do.My sigaction handlers don't get called if I call dispatch_main but do if I just go straight into the glib main loop.Is there a way to have a dispatch loop that I can exit so that I'm not calling glib's event loop inside dispatch_main?It looks like setting up a dispatch signal event source creates a signal file descriptor, and that prevents the attempt to sigaction by the normal linux code. However, I'm unsure why I don't then get the signals through my dispatch signal event handler. I suspect it is because by calling glib's main event loop dispatch loses control, or the thread that the signal event handlers want to send on is lost or something like that.
In the past I used packagemaker and the installer in order to get plists installed into /Library/LaunchDaemons.The good old installer appears to me to be largely unloved, though. This is unfortunate as it allowed GUI and scripted installs with scripts everywhere.What is the current favored way to do this? I need BOTH a GUI and a scripted install.And only on Catalina and up.Thanks much.
It looks like the obj file specification allows vp lines with arbitrary data associated (1 2 or 3 floats). I don't see how I can do that through Model IO.The circumstance is that I have some old models created by an artist and he attached values required to animate onto the vertices. I have a proprietary format for the data and it is stored in resource forks. I'm trying to export the data into obj files to modernize. I tried to set up a submesh with the data as the vertices but Model IO eats them if I don't include faces into the submesh. I don't need faces.I can hook or crook this problem by adding faces, but I'd like to do it the way that the API intends for such things to be done.Thanks,Jim