On 10 Oct 2013, at 11:12 AM, Jens Alfke <[email protected]> wrote:
> Does anyone know the reason for this limitation? It seems arbitrary. I can
> understand why you can’t spawn processes (it prevents fork-bombs and similar
> attacks) but what damage can be caused by a bundled dylib? Sure, you can
> change your build process to make the dylib static, but I’ve had trouble with
> complex 3rd party code [i.e. the Erlang interpreter/runtime] that has a heavy
> dependency on dynamic library loading.
I can only speculate, but: If you can call out to a dynamic library, wouldn't
that make it possible to download a library and execute unapproved code?
Apple's not happy with downloadable executables other than JavaScript in the
WebKit sandbox.
I don't know enough about HFS+ and dyld on iOS to know if it's possible to stop
that.
— F
_______________________________________________
Cocoa-dev mailing list ([email protected])
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to [email protected]
