User Profile

Thanks @eskmo again and agree with your consideration. We have try to codesign with almost all the priviledges and it didn't work for this. It would be great to support this with codesign which allow root users to assign the priviledges to specified applications.<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.security.cs.allow-jit</key> <true/> <key>com.apple.security.cs.allow-unsigned-executable-memory</key> <true/> <key>com.apple.security.cs.allow-dyld-environment-variables</key> <true/> <key>com.apple.security.cs.disable-library-validation</key> <true/> <key>com.apple.security.cs.disable-executable-page-protection</key> <true/> <key>com.apple.security.cs.debugger</key> <true/> <key>com.apple.security.get-task-allow</key> <true/> </dict> </plist>By the way, we are working on https://github.com/tobegit3hub/hotpatch which allows developers to write hot patches to upgrade the functions without restart processes. Maintaining the hot patches of function implementations may be harder than static code patches but it may be useful for stable softwares which wants to run without restarting. Anyways, thanks for your help and work on MacOS.

Thanks @eskimo. We are trying to replace the funciton implementation by reseting the instruction to jump to new function address, kind of like JIT.We found the workaround solution in https://stackoverflow.com/questions/60654834/using-mprotect-to-make-text-segment-writable-on-macos and that could work well in MacOS Catalina.