Because zoom’s patch will only help users still using and updating zoom while those who have uninstalled zoom are still vulnerable (because the uninstalled leaves the web server behind)
I’m sure Apple is as upset as anyone else. It effectively breaks their sandbox model so they’ll probably be working hard on a way to plug that hole gracefully.
The sandbox only applies to software devs that want to use it or those that wish to sell through the Mac App Store. I don't think Zoom is in the MAS at all (I don't see it in a quick search anyway), and a standalone installer is free to do whatever it wants and can convince users to go along with (up to and including, in principle, bypassing SIP though since that significantly raises the effort bar I've only ever seen niche stuff request it). And it's completely legitimate to want to run a server on your system too, there is no hole. Zoom simply acted as malware, taking actions without user permission.
SIP cannot be disabled by anything running in the current boot session. Once the root volume is mounted, the SIP flags are set in the mountpoint. The root volume obviously cannot be unmounted while it is booted from.
I don't fully understand the difference. But signed is different from notarized. Notarized means you uploaded the binary to Apple. Previously, you can sign without doing that.
I haven't looked enough to understand what is gained by notary. Does Apple want to search your binary for maliciousness or rulebreaking (potentially even at a later date) so that it might revoke the notarization/signature?
There is no real sandbox model on Macs if you don’t go through the Mac App Store, only code signing to detect that the app hasn’t been tampered with and to validate the author.
I would not be surprised at all if this episode has some concrete ramifications in 10.15. It could take the shape of something akin to iOS’ location permissions for applications that want to run a server, or even a first-party framework for accomplishing the thing Zoom was trying to do, but it’s probably safe to say what Zoom was doing won’t be possible next year.
I mean. The issue at hand was that they purposely left the webserver behind to auto reinstall if a zoom link was clicked. This was an intended feature, and the same could have been done on Linux or Windows. Package management or containers are irrelevant to this conversation.
Sure, the "package managers" on Linux, Windows, and macOS all behavior in pretty similar fashions. A manifest of files that the installer knew at time of install. That doesn't stop a program from installing anything else at run time, or even in the installer (since they can define what to remove in a lot of cases). This wasn't an "accident," it was purposely left behind with the intention of being used to onboard users easily even after they removed the client. This would have pretty much been an issue on every platform (had it been implemented on other platforms). And please, don't tell me "but Docker!" Docker, at present, isn't really usable with GUI applications yet.
A package manager would be designed to remove any non user hostile features. Intentionally hostile behavior would be unaffected. One might hope that the packager, the person that is, might have refused to include software from incompetent or hostile developers.
Something an app store due to volume and default allow pending mostly automated checks has a problem with.
As far as I know most traditional package managers only remove files and folders declared in the package. Not files installed somewhere else during the install script or created by the binary when it runs.
Not really, If you have a standard app that can be dragged into the trash, sure. If you have a kernel extension, or a launch deamon or any application data you store locally you cannot clean up after yourself without a custom uninstaller.
Windows is far ahead in its centralized Add&Remove Programs area.
Not really, If you have a standard app that can be dragged into the trash, sure. If you have a kernel extension, or a launch deamon or any application data you store locally you cannot clean up after yourself without a custom uninstaller.
This is false. Kernel extensions can be part of the application bundle and will be unloaded and removed when the bundle is removed.
Installing KEXTs in an application bundle allows an application to register those KEXTs without the need to install them permanently elsewhere within the system hierarchy. This may be more convenient and allows the KEXT to be associated with a specific, running application. When it starts, the application can register the KEXT and, if desired, unregister it on exit.
For example, a network packet sniffer application might employ a Network Kernel Extension (NKE). A tape backup application would require that a tape driver be loaded during the duration of the backup process. When the application exits, the kernel extension is no longer needed and can be unloaded.
It is true that you cannot remove application data, but that is a feature (maybe users want to retain the data) and also does not happen in e.g. Linux package managers.
No, the de vintentionally circumvented the bundling and containerization that exists, and MacOS couldn't prevent it. That said, Windows and Linux can't prevent it either, in common configurations.
macOS has a very good concept of package management and containerization. It's just optional because people get even more up in arms when their old software doesn't work any more.
Apple also makes a fantastic computing platform with very good mandatory isolation, namely, iOS. If you're interested in isolation in preference to compatibility with traditional desktop software, an unjailbroken iPad Pro with Smart Keyboard is a pretty good option.
I don't think it's just old software that might break. One must also consider the software not yet to be written. If the isolation is too constraining for some type of application that really needs a privilege, and isolation is mandatory, then some amount of innovation will just have to happen somewhere else or not at all.
Remember old school Mac was full of hacks upon hacks upon hacks, many by third parties, and there was cool stuff in there too. The App Store mentality has caused everyone to overreact and think that every third party app on the planet will turn into the worst conception of Win98 era malware overnight if unconstrained, when this is just one outcome among many possible.
For cripes sake...