site_archiver@lists.apple.com Delivered-To: darwin-dev@lists.apple.com What is a "legitimate patch?" Amanda Walker _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... On Aug 16, 2007, at 12:29 PM, Ernesto Corvi wrote: Do we *really* need to send a feature request to harden the security on the kernel and provide a truly authorized KPI for legitimate patches? KPIs like kauth let a 3rd party product interpose itself into kernel processing at well defined spots without having to patch it. The only reason to "patch" the kernel is to fix a bug in a particular kernel version if Apple isn't willing to roll a fix into the next update (which happened in Tiger once most of the engineers were concentrating on Leopard). But it's a fallback. Start by describing what you're trying to do and ask for a KPI to do it (via bugreporter.apple.com so that it gets tracked). Saying "I want a generic way to patch the kernel" doesn't make a lot of sense. This email sent to site_archiver@lists.apple.com