Comment by bestouff
4 years ago
This may have security implications, I highly doubt they would be authorized to make such a change without consulting anyone.
4 years ago
This may have security implications, I highly doubt they would be authorized to make such a change without consulting anyone.
The shift to moving the Mach-O parsing from iBoot to kmutil has positive security implications. Adding a raw input option on top of that has zero additional security implications. It's a strict subset of the attack surface.
I believe parent is not talking about the security implications of the contributions themselves, but the security implications of the act of making contributions as an Apple employee. And it’s a reasonable assumption; from my (not many) interactions with Apple employees in OSS world, they are generally very careful about doing this sort of things, and I would be very very surprised if not at least a few managers know about this beforehand.
No Apple employees made any OSS contributions here. They just added a tiny feature to an existing Apple tool that happens to make our lives easier.
1 reply →