Hi,
We're working on an app that manages a lot of critically sensitive data (namely, a password manager), and we're trying to get the most security we can out of macOS. One obvious vulnerability is that a malicious user can always use lldb or a similar tool to dump the memory at a time when a password is there.
SIP offers protection against these types of attacks. I wanted to know if we could protect our app by using the SIP mechanism.
Are any of the following solutions possible:
- Add an entitlement to the app to make it rootless
- Configure SIP settings in the user's home directory to add the app to the rootless apps list
- Request that the app be added to the list in a future macOS release
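As an added example (not part of the original post, and not Apple's own guidance) of the in-process mitigations an app can apply on its own against the memory-dump scenario described above: keep the secret in memory only for the duration of one operation, lock those pages out of swap, and wipe them with a write the optimiser cannot elide. The `ptrace(PT_DENY_ATTACH)` call is macOS-specific and best-effort only (it does not stop root, or a user who has disabled SIP), so it is compiled in only on Apple platforms; the `count_bytes` callback and the `use_secret_briefly` helper are assumptions introduced for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#ifdef __APPLE__
#include <sys/types.h>
#include <sys/ptrace.h>
#endif

/* Ask the kernel to refuse debugger attachment. Only exists on macOS;
 * a privileged user, or one with SIP disabled, can still bypass it. */
int deny_debugger_attach(void) {
#ifdef __APPLE__
    return ptrace(PT_DENY_ATTACH, 0, 0, 0);
#else
    return 0; /* assumed: no equivalent call on other platforms, treated as a no-op */
#endif
}

/* Zero a buffer through a volatile pointer so the compiler cannot drop the
 * stores as "dead"; returns 1 if every byte reads back as zero. */
int secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = (volatile unsigned char *)buf;
    for (size_t i = 0; i < len; i++) p[i] = 0;
    for (size_t i = 0; i < len; i++) if (p[i] != 0) return 0;
    return 1;
}

/* Constructed stand-in for "use the password": just counts the bytes
 * it was given and returns 0 to signal success. */
int count_bytes(const unsigned char *secret, size_t len) {
    size_t n = 0;
    for (size_t i = 0; i < len; i++) if (secret[i] != 0) n++;
    return n == len ? 0 : -1;
}

/* Hold a secret only as long as one operation needs it: copy it into a
 * buffer locked out of swap, run the callback, then wipe and release.
 * Returns the number of bytes wiped on success, -1 on failure. */
long use_secret_briefly(const char *secret, size_t len,
                        int (*use)(const unsigned char *, size_t)) {
    unsigned char *buf = malloc(len);
    if (!buf) return -1;
    /* mlock keeps the pages out of swap; failure (e.g. RLIMIT_MEMLOCK) is
     * tolerated here but should be logged by a real password manager. */
    int locked = (mlock(buf, len) == 0);
    memcpy(buf, secret, len);
    int rc = use(buf, len);
    int wiped = secure_wipe(buf, len);   /* shrink the window a dump could hit */
    if (locked) munlock(buf, len);
    free(buf);
    return (rc == 0 && wiped) ? (long)len : -1;
}

int main(void) {
    deny_debugger_attach();
    const char *pw = "hunter2";          /* constructed sample password */
    long n = use_secret_briefly(pw, strlen(pw), count_bytes);
    printf("secret used and wiped: %ld bytes\n", n);
    return n < 0;
}
```

The point of the design is that the plaintext exists in exactly one heap buffer whose lifetime is bounded by the call, so a memory dump taken outside that call finds nothing; a dump taken inside it still succeeds, which is why the question of SIP or entitlement-based protection is the right one to ask.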