Re: crontab and rsync in Sierra Era
- Subject: Re: crontab and rsync in Sierra Era
- From: Jeremy Sequoia <email@hidden>
- Date: Sun, 26 Feb 2017 19:33:40 -0800
Sent from my iPhone...
> On Feb 26, 2017, at 18:48, Tom Lane <email@hidden> wrote:
>
> Jeremy Sequoia <email@hidden> writes:
>> Oh, that's the DYLD_* envvar pruning with system executables causing problem. That is quite well understood and discussed in many forums. What do you specifically want to know about it?
>
> I want to know what Apple is going to do about it ... and "nothing"
> is not an acceptable answer. As is, it's broken, and I will never
> be able to enable SIP and still get my work done.
I don't see why this prevents you from getting your work done. If you really need to pass through such envvars, just don't use a system shell. Yes, it is suboptimal, but that is a much better workaround than disabling SIP entirely.
As for what plans are to try and help users that want this functionality, I can't go into specifics on if/when/what, but I can say that I'm very much concerned about this particular issue and have been pushing for a solution.
> AFAICS, SIP today is pretty much where SELinux was about a dozen
> years ago. It was secure but it was also unusable. Fortunately,
> a bunch of people worked towards fixing that, and eventually got it
> to the point where you really could keep it turned on all the time.
> I'm not sure Apple has understood that they need to iterate on what
> they've got.
Apple does understand that quite well, but keep in mind that it is quite usable for 99.99999% of users, and the 0.00001% remaining do know how to turn it off.
Also, I don't believe this particular issue with SIP has anything to do with the original problem discussed, which is why I think disabling SIP is bad advice for folks that don't understand it. Many posts out there suggest to turn it off to try and work around problems without realizing that SIP has nothing to do with the issue, and users blindly following such advice just leave it turned off on their systems without realizing the security implications.
>
> regards, tom lane
X11-users mailing list (email@hidden)