On Feb 21, 2014, at 5:19 PM, Ron Hunsinger <listrep...@erstesoft.com> wrote:
> > On Feb 21, 2014, at 1:26 PM, Bradley O'Hearne <br...@bighillsoftware.com> > wrote: >> I believe it would be much more accurate to say that this is a fundamental >> issue of whether OS X provides an app the ability to secure its content or >> not. If the answer is that having an app on OS X is synonymous with having >> the content it delivers available to any other app on the machine, or other >> machines, or copied and broadcasted anywhere and everywhere, then that is an >> answer which has significant limitations to what types of use-cases OS X is >> appropriate for, relating very directly to security. > > Have you considered running a stripped-down copy of OS X? That is, make a > bootable disk image containing your app and enough of the OS to run it, and > then booting off that disk image. The disk image would not contain a web > browser, screen-sharing software, screen-capturing, or any of the features > that are causing you problems. It could unmount (or prevent from mounting) > all other disk volumes. > > I know it's possible: that's essentially how the OS X installers work. The > installer mounts a disk image (copying it into a RAM disk), and boots from > that, with the purpose being to allow the original disk to be completely > erased and/or allow the previously running instance of OS X to be completely > replaced in situ. Well, yes, but Apple has the source code to OS X. There’s an important difference in that users cannot simply just delete important OS components. In some other operating systems (e.g Linux) everything works with packages and you can simply uninstall packages that are not required, like web browsers and networking capability. Just because it’s possible for Apple doesn’t mean that it’s possible for us. For example, how would you remove the WiFi network applet from the status bar? > > If you need a network connection, you'd probably need to copy the user's > network settings into the disk image before booting from it (and after > verifying that it hasn't been altered in any other way). > > If Apple won't allow you to copy the OS, even temporarily, another approach > might be to create a virtual filesystem that acts as an overlay on top of the > boot volume, making files of your choosing appear to be absent. Then boot off > that filesystem. You wouldn't be copying anything, so there shouldn't be any > licensing issues. > > I'm not sure how well that would play with FileVault, and there are a lot of > other thorny issues to work out, but it's an approach you might want to > consider. > > -Ron Hunsinger > _______________________________________________ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/sevenbitstech%40gmail.com > > This email sent to sevenbitst...@gmail.com
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
