Comment by bangonkeyboard
4 years ago
> they can simply toggle a switch for all users to "no unsigned binaries"
That switch was toggled with Big Sur and Apple silicon: https://mjtsai.com/blog/2020/08/19/apple-silicon-macs-to-req...
4 years ago
> they can simply toggle a switch for all users to "no unsigned binaries"
That switch was toggled with Big Sur and Apple silicon: https://mjtsai.com/blog/2020/08/19/apple-silicon-macs-to-req...
While true, that doesn't mean that an Apple-controlled key decides which apps will run:
> There isn’t a specific identity requirement for this signature: a simple ad-hoc signature issued locally is sufficient, which includes signatures which are now generated automatically by the linker. This new behavior doesn’t change the long-established policy that our users and developers can run arbitrary code on their Macs, and is designed to simplify the execution policies on Apple silicon Mac computers and enable the system to better detect code modifications.
(Source is the link you provided.)