> On Sep 13, 2015, at 01:11, René J.V. Bertin <[email protected]> wrote:
>
> On Saturday September 12 2015 18:02:52 Jeremy Huddleston Sequoia wrote:
>> It isn't a boot parameter. It's stored in nvram, but not as a boot
>> parameter. You need to boot into recovery mode to modify the setting.
>
> In fact, this makes me curious. How exactly does that work with booting from
> external disks? Is it pervasive over all boot disks once you've modified it,
> as the nvram storage suggests? Does one have to jump through the hoops for
> each boot disk? Or after cloning the boot disk to another one? I can hardly
> imagine that a token is stored on disk to tell the kernel to take the nvram
> parameter into account or not.
It's an nvram setting. Kernels will look for that setting to determine if they
will enable rootless or not. The revovery mode kernel doesn't run with
rootless, so it is able to modify that setting.
> Is it possible to store the parameter into nvram from an earlier OS X
> version, or with the tools VM hosts like Parallels provide to provide a
> simulated nvram to guests?
Should be.
> Oh, and does this all really mean that one can no longer edit /etc/hosts,
> /etc/hosts.{allow,deny} etc. without wizardry?
No. You're believing to too much FUD.
FWIW, I've had rootless enabled on all of my development machines since it was
first enabled, and I haven't had any significant problems. I really think most
of this FUD is blown way out of proportion. There are a few minor issues (eg:
DYLD_ envvars passed through shell scripts and some issues with paths
significantly larger than PATH_MAX) which are bugs that will be fixed, but
nothing world ending. Users will get the security benefits, and developers
that want to not deal with it will turn it off once and not look back.
>
> Also,
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> X11-users mailing list ([email protected])
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/x11-users/jeremyhu%40freedesktop.org
>
> This email sent to [email protected]
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/x11-users/archive%40mail-archive.com
This email sent to [email protected]
