Hacker News new | past | comments | ask | show | jobs | submit login

> The safest kernel is the one that cannot be touched at runtime.

Can you expand what you mean here? Because depending on the application you are running, you will need at least talk with some APIs to get privileged access?




Being allowed to talk to the kernel to get info and running with the same privileges ( basically being able to read / write any memory ) is different.


Yeah, Apple doesn’t allow any user code to run in kernel mode without significant hoops (the kernel is code signed) and tries to provide a user space API (e.g. DriverKit) as an alternative for the missing functionality.

Some things (FUSE) are still annoying though.


> Some things (FUSE) are still annoying though.

That should get much easier in macOS Sequoia with FSKit.

https://developer.apple.com/documentation/fskit/




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: