site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com My advice to you would be to file a bug report. -- Terry On Oct 13, 2008, at 11:07 AM, mm w <openspecies@gmail.com> wrote: Hi Terry, fair enough yep I'm right with this, but it doesn't solve the Finder part, and it's not my point I don't expect a Hot fix, it's somehow always a bad thing, my point was Leo should go thru a couple of revisions before snow-leo release, and it's not a "Big move", saying you have to wait for the next release of the OS was a kind of an "abusive answer", my point is I never argue about the Apple priorities and I 'm aware there are a "couple other stuff" to do, but this is a part of "seatbelt" improvement politic _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... Actually, seatbelt uses MACF, the Mandatory Access Controls Framework, not auditing. And yes, there is an execve() variant that permits setting of a MAC label on exec, but not one for posix_spawn(). We don't really hace a statement other than that, since we can't really comment on future product directions as part of our employment contracts, On Mon, Oct 13, 2008 at 10:47 AM, Terry Lambert <tlambert@apple.com> wrote: There are a couple of easy answers on this, but you are not going to like them: (1) Fix the problem and build your own kernel. Submit the patches back to Apple to increase the probability that things will be fixed the way you want them fixed. (2) Common Criteria Auditing is narrowly defined by use model; as long as you don't use it outside the model, it remains valid. For system components shipped by a vendor, existing behaviour is technically allowed. Outside that, well, choose to use code paths involving execve() rather than posix_spawn(). Do not expect a "hot fix" for already released code, and do not any fix whatsoever unless you file a bug report through the proper channels, rather than posting on a mailing list. Cheers! This email sent to site_archiver@lists.apple.com