App signatures are about more than just the certificate. That provides a chain of trust going back to Apple, and supports integrity checks and entitlements.
sandbox
iCloud Drive just works. Time Machine just works. So Time Machine should back up the contents of your iCloud Drive? Maybe not.
Despite its lack of security release notes, the 11.5.2 update contains new versions of several important security executables, including spctl, sandboxd and syspolicyd.
From the start of voluntary code signing in 2007, defences against malware in macOS have changed dramatically. Here’s an overview of what has happened.
Where does Apple warn the user that four stray files in an unprotected folder are specially protected by the Sandbox kernel extension?
The behaviour of quarantine flags, SIP flags, and the mysterious new com.apple.macl attribute, which never ceases to puzzle.
When it comes to basics, we like consistency. Imagine what life would be like if every so often […]
It’s not very often that we see the birth of a whole new subsystem both in macOS and iOS, but RunningBoard is brand new with 10.15 and 13.
Jeff Johnson of @lapcatsoftware has just published an excellent technical article looking at controversial issues over hardening, sandboxing, […]
Signature checks are complex. On first run with a quarantine flag, they include the contents of the Resources folder, but seldom do after that.
The Eclectic Light Company 