Permissions, SIP and TCC: who’s controlling access?

There’s a lot standing between your app and what it can edit and save: POSIX permissions, ACLs, SIP, TCC, and maybe the sandbox too.

What’s in an app’s signature?

App signatures are about more than just the certificate. That provides a chain of trust going back to Apple, and supports integrity checks and entitlements.

Notarisation: privacy controls

Final in series. Examines how the hardened runtime controls access to protected private data and services, and how some use private entitlements.

Notarization: the hardened runtime

Second in the series. Considers in detail what the hardened environment offers the user, and how notarized apps can opt out of its protection.

Notarization: is a notarized app ‘safe’ to use?

First of three articles looking in detail at what notarization involves, and the benefits it might have to users. Considers the question of legacy apps.

Taccy 1.1 fixes a crashing bug and adds several new features

An unexpected behaviour in the codesign command could cause the app to crash when examining certain app. Now fixed, plus several new features.

Entitlements: how apps get back what they’ve given up

With apps in future set to come from the App Store or notarized by Apple, entitlements are going to be the rule not an exception.

What can that app do? Entitlements, authorisation, and privacy

To pre-empt privacy problems in Mojave, you need to know information which is currently not easily obtained. Here’s an app to do it for you.