Delivered-To: darwin-dev@lists.apple.com

Things that use kauth are legitimate 'patches'.

On Aug 16, 2007, at 12:48 PM, Amanda Walker wrote:

> On Aug 16, 2007, at 12:29 PM, Ernesto Corvi wrote:
>
>> Do we *really* need to send a feature request to harden the security on the kernel and provide a truly authorized KPI for legitimate patches?
>
> What is a "legitimate patch?"
>
> KPIs like kauth let a 3rd party product interpose itself into kernel processing at well defined spots without having to patch it. The only reason to "patch" the kernel is to fix a bug in a particular kernel version if Apple isn't willing to roll a fix into the next update (which happened in Tiger once most of the engineers were concentrating on Leopard).

You mean the only reason to patch the kernel for well-intentioned people. I can tell you a lot of reasons why a malware writer would like to patch the kernel.

> But it's a fallback. Start by describing what you're trying to do and ask for a KPI to do it (via bugreporter.apple.com so that it gets tracked). Saying "I want a generic way to patch the kernel" doesn't make a lot of sense.

I think you responded to the wrong email. Where did I say "I want a generic way to patch the kernel"? I actually want the opposite. I want the kernel not to be generically patchable, as it is right now, and be able to have a KPI, such as kauth (although kauth is severely limited in scope right now) where benevolent users can actually implement the kernel hooks they need.
Participants (1): Ernesto Corvi