Hacker News
by msftguy 5147 days ago
OS X/iOS use a 'sandbox' driver that utilizes TrustedBSD MAC infrastructure ( https://developer.apple.com/library/mac/#documentation/Darwi... ). Basically, most system calls can be verified against one or more policy modules, and blocked if non-compliant. Not really possible with Windows and its bajillion syscalls (1000 in win32k alone, afair).