by stingraycharles
2181 days ago
Aha so that is what it’s all about. That makes so much more sense now, and a very reasonable explanation. Does this also apply to jailbroken iOS devices? I can imagine that it’s fairly difficult to disable a security feature such as this in the kernel?
But as I understand it apps are signed and have an entitlements file bundled inside. That file determines whether the kernel will allow stuff like changing pages to executable, running in the background, notifications, etc. Safari happens to have this extra entitlement in its embedded entitlements.plist. The signature checks out, so the kernel allows the functionality.
For example, there is an entitlement to allow a debugger to attach, which dev builds of apps typically have, but Apple won't allow for apps in the store. I would think that if a jailbreak short-circuited the signature stuff, you could put whatever entitlements you want in there. But there may be some additional constraints.
Now that I'm thinking of it, I wonder if dev builds of apps can have the entitlement to do the JIT magic. I don't know if they place any constraints on the dev signing keys.
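An added example, not posted by anyone in this thread and not Apple's or any jailbreak project's code: a small Python audit that parses an embedded entitlements plist and flags the two entitlements discussed above, the kind of check a release pipeline runs so a debug-signed build does not ship. The keys `get-task-allow` (debugger attach) and `dynamic-codesigning` (JIT-style executable memory) are real Apple entitlement names; the sample plists, the audit policy and the function names are this example's own assumptions.

```python
import plistlib
from typing import Dict, List

# Constructed sample: an embedded entitlements plist as a development build might carry it.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>TEAMID0000.com.example.sampleapp</string>
    <key>get-task-allow</key>
    <true/>
    <key>dynamic-codesigning</key>
    <true/>
    <key>aps-environment</key>
    <string>development</string>
</dict>
</plist>
"""

# Constructed sample: what a store-ready build of the same app should look like.
CLEAN_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>application-identifier</key>
    <string>TEAMID0000.com.example.sampleapp</string>
    <key>get-task-allow</key>
    <false/>
    <key>aps-environment</key>
    <string>production</string>
</dict>
</plist>
"""

# Boolean entitlements that should not be true in a release build.
# The policy itself is an assumption of this example; the key names are Apple's.
SENSITIVE_BOOL_ENTITLEMENTS = {
    "get-task-allow": "allows a debugger to attach; expected only in development builds",
    "dynamic-codesigning": "allows JIT-style executable memory; normally reserved for Apple apps such as Safari",
}


def load_entitlements(data: bytes) -> Dict:
    """Parse an XML or binary plist; the top-level object must be a dict."""
    obj = plistlib.loads(data)
    if not isinstance(obj, dict):
        raise ValueError("entitlements plist must have a dict at top level")
    return obj


def audit_entitlements(ents: Dict) -> List[str]:
    """Return one finding per entitlement that violates the release policy."""
    findings = []
    for key, why in SENSITIVE_BOOL_ENTITLEMENTS.items():
        if ents.get(key) is True:
            findings.append(f"{key}: {why}")
    # aps-environment selects the push sandbox; a release build should say "production".
    if ents.get("aps-environment") == "development":
        findings.append("aps-environment=development: push entitlement points at the sandbox")
    return findings


def is_release_clean(data: bytes) -> bool:
    """True when the plist carries no findings under the release policy."""
    return not audit_entitlements(load_entitlements(data))


if __name__ == "__main__":
    for name, blob in (("debug build", SAMPLE_ENTITLEMENTS), ("release build", CLEAN_ENTITLEMENTS)):
        print(name, "clean" if is_release_clean(blob) else "FLAGGED")
        for f in audit_entitlements(load_entitlements(blob)):
            print("  -", f)
```

On a real bundle the bytes come from the entitlements blob in the binary's code signature (for example as dumped by `codesign -d --entitlements`), and the script should be run on the signed artifact, not on the project's `.entitlements` source file, because the signature is what the kernel actually consults.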