1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-22 21:01:34 -05:00

add detail about hardened runtime

This commit is contained in:
kimg45 2024-08-13 06:56:45 -05:00 committed by GitHub
parent 061a06cd08
commit fa227595d7
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -41,7 +41,7 @@ You can enable a column in Activity Monitor called "Restricted" which is a flag
## Hardened Runtime
The [Hardened Runtime](https://developer.apple.com/documentation/security/hardened_runtime) is an optional security feature that developers can enable that makes an app more resistant to exploitation. It prevents certain classes of exploits, like code injection, dynamically linked library (DLL) hijacking, and process memory space tampering.
The [Hardened Runtime](https://developer.apple.com/documentation/security/hardened_runtime) is an optional security feature that developers can enable that makes an app more resistant to exploitation. Like the App Sandbox, it's enabled through a flag when the developers sign it so you aren't able to control it for apps you run. It prevents certain classes of exploits, like code injection, dynamically linked library (DLL) hijacking, and process memory space tampering.
Unlike the App Sandbox, the Hardened Runtime is required in order for an app to be notarized and so you'll be warned by Gatekeeper if an app doesn't use it. While this warning is bypassable, you should be cautious and investigate a bit more before running it.