-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding entitlement for unsigned memory execution #909
Conversation
228a093
to
6b7ca57
Compare
6b7ca57
to
8739278
Compare
ffi loads c code into memory in an unsigned way and this allows workstation to work with the hardened runtime. Signed-off-by: Jon Morrow <jmorrow@chef.io>
8739278
to
bdeb285
Compare
Updated to point to omnibus master now that that has merged. Here is a new ad-hoc build: |
<key>com.apple.security.cs.allow-unsigned-executable-memory</key> | ||
<true/> | ||
</dict> | ||
</plist> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if this file needs a new line
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think it's required, but from a style perspective maybe we should. I'm going to merge without and we'll figure it out.
The verify step is hanging waiting on an agent. After discussing with @afiune this should be safe to ignore so I am going to merge this pr and get a build out in current that resolves the gatekeeper issues. |
Description
ffi loads c code into memory in an unsigned way and this allows workstation
to work with the hardened runtime.
Signed-off-by: Jon Morrow jmorrow@chef.io
Related Issue
Types of changes
Checklist: