Re: Spindump manages to bypass kauth protected dylib file, and read its contents.
On 9 Aug 2018, at 12:57, Irad K <iradization@gmail.com> wrote:

> To achieve that, I use a driver that listens to the kauth vnode scope with a callback that prevents any access to this file by other processes but my own.

I’m confused about your requirements here. The kernel has a long history of being able to access a file’s contents without actually opening the file (I first encountered this exec, many years ago). A user space process is not going to be able to protect itself from the kernel.

With regards `spindump` specifically, it’s recording stack frames and symbols, none of which should be especially private. And if you don’t want your symbols showing up in the dump, strip them from your executable.

Share and Enjoy
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Relations, Developer Technical Support, Core OS/Hardware