by hellodanylo 2181 days ago
I think JIT and custom code is the same requirement in this discussion. In Chrome's case, the V8 engine is a JIT compiler from JS to ARM instructions. The code of V8 can be vetted during the review process, but the ARM instructions that it will generate (just in time) can not.

> 3.3.2 An Application may not download or install executable code. Interpreted code may only be used in an Application if all scripts, code and interpreters are packaged in the Application and not downloaded. The only exception to the foregoing is scripts and code downloaded and run by Apple's built-in WebKit framework.


Additionally, JIT would need a special entitlement to be able to change a page of memory from writable to executable. This is a little dangerous from a security perspective, and even Apple only grants it to apps that specifically need it.
That's all nice and good, but completely removing the possibility of running any non-vendor JIT application is totally stupid and unacceptable. And iOS being a total walled garden only adds insult to injury, as users simply can't install such applications even if they want to.
Aha so that is what it’s all about. That makes so much more sense now, and a very reasonable explanation.

Does this also apply to jailbroken iOS devices? I can imagine that it’s fairly difficult to disable a security feature such as this in the kernel?

I don't know the exact details of how jailbreaking tweaks code-signing.

But as I understand it apps are signed and have an entitlements file bundled inside. That file determines whether the kernel will allow stuff like changing pages to executable, running in the background, notifications, etc. Safari happens to have this extra entitlement in its embedded entitlements.plist. The signature checks out, so the kernel allows the functionality.

For example, there is an entitlement to allow a debugger to attach, which dev builds of apps typically have, but Apple won't allow for apps in the store. I would think that if the jailbreak short-circuited the signature stuff, you could put whatever entitlements you want in there. But there may be some additional constraints.

Now that I'm thinking of it, I wonder if dev builds of apps can have the entitlement to do the JIT magic. I don't know if they place any constraints on the dev signing keys.
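An added example, not from anyone in this thread: a small Python check of the kind an app reviewer would run over an embedded entitlements.plist to flag the two entitlements the comment above is talking about (debugger attach and JIT page flipping). The key names `get-task-allow` and `dynamic-codesigning` are the ones I know from Apple code signing, and both sample plists are constructed; none of this comes from the thread.

```python
import plistlib

# Entitlement keys that widen what the kernel lets a signed process do.
# Names are ones I know from Apple code signing, not taken from the thread.
SENSITIVE_ENTITLEMENTS = {
    "get-task-allow": "debugger may attach (dev builds; not accepted in the App Store)",
    "dynamic-codesigning": "process may flip RW pages to RX, i.e. run a JIT",
}

# Constructed sample of an embedded entitlements.plist for a dev build
# that also carries the JIT entitlement. Not taken from any real app.
SAMPLE_DEV_BUILD = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>TEAMID.example.constructed.app</string>
    <key>get-task-allow</key>
    <true/>
    <key>dynamic-codesigning</key>
    <true/>
</dict>
</plist>
"""

# Constructed sample of the same app signed for distribution:
# get-task-allow explicitly false, no JIT entitlement at all.
SAMPLE_STORE_BUILD = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>get-task-allow</key>
    <false/>
</dict>
</plist>
"""


def parse_entitlements(blob: bytes) -> dict:
    """Parse an entitlements blob; tolerates a binary header before the XML."""
    start = blob.find(b"<?xml")
    if start < 0:
        raise ValueError("no XML plist found in entitlements blob")
    ents = plistlib.loads(blob[start:])
    if not isinstance(ents, dict):
        raise ValueError("entitlements plist must be a dictionary")
    return ents


def sensitive_entitlements(blob: bytes) -> dict:
    """Return {key: reason} for sensitive entitlements actually granted (true)."""
    ents = parse_entitlements(blob)
    return {k: why for k, why in SENSITIVE_ENTITLEMENTS.items() if ents.get(k) is True}
```

On macOS, `codesign -d --entitlements - <path to app>` dumps the embedded blob; older versions prefix it with a short binary header, which `parse_entitlements` skips.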

Oh I was confused as I associated a JIT with internal vm optimizations such as seen in the JVM. Then we’re just talking about the same thing but calling it a different name.