On Sunday September 13 2015 02:09:53 Jeremy Huddleston Sequoia wrote:
> It's an nvram setting. Kernels will look for that setting to determine if
> they will enable rootless or not. The revovery mode kernel doesn't run with
> rootless, so it is able to modify that setting.
>
> > Is it possible to store the parameter into nvram from an earlier OS X
> > version, or with the tools VM hosts like Parallels provide to provide a
> > simulated nvram to guests?
>
> Should be.
That's what I figured. I do btw see the reason why toggling the setting has
been made more difficult than it could be, not so much that there wouldn't be
other ways to achieve it while nagging the user sufficiently to make him/her
accept the change knowingly but yet without requiring a recovery partition.
That's my main gripe: I don't think my 10.9 VM has one (made it by cloning an
upgraded external onto a VM image, from within a VM guest; I doubt upgrading
inside a VM will be a pleasurable experience.) Then again, if the specific
command required to flip the switch runs under 10.9 this is a moot point.
> > Oh, and does this all really mean that one can no longer edit /etc/hosts,
> > /etc/hosts.{allow,deny} etc. without wizardry?
>
> No. You're believing to too much FUD.
Actually, I'm just interpreting without having taken the trouble of finding a
list of the actual paths that are concerned.
> Users will get the security benefits, and developers that want to not deal
> with it will turn it off once and not look back.
Yeah, and FWIW I've yet to be convinced those benefits are real other than on
paper for experience Unix users who are not being targeted by some crack
hacker(s). Or actually, that those benefits stand up to said hackers ;)
R.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
X11-users mailing list ([email protected])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/x11-users/archive%40mail-archive.com
This email sent to [email protected]
