MacOS: Difference between revisions

From OSDev.wiki
Jump to navigation Jump to search
[unchecked revision][unchecked revision]
Content added Content deleted
VisualWikitext
(Created page with "{{stub}} XNU (acronym from X is Not Unix) - a hybrid kernel based on Mach and BSD. Used in OS X. It was developed to replace the obsolete classic Mac OS (Mac OS 9 and older) ...")
 
Line 23: Line 23:
*SystemConfiguration - modular configuration mechanism
*SystemConfiguration - modular configuration mechanism
*Apple System Log (ASL)
*Apple System Log (ASL)

==

*Apple Script
*Apple Script
*notifyd and distnoted - notification (IPC) mechanisms
*notifyd and distnoted - notification (IPC) mechanisms

Revision as of 11:46, 2 May 2015

This page is a stub.
You can help the wiki by accurately adding more contents to it.

XNU (acronym from X is Not Unix) - a hybrid kernel based on Mach and BSD. Used in OS X. It was developed to replace the obsolete classic Mac OS (Mac OS 9 and older) kernel, which had poor memory protection and cooperative multitasking.

(Mac) OS X - Apple's half-proprietary operating system for Macintosh computers, which is, in fact, able to be run on any modern x86_64 computer.

iOS - the mobile version of OS X.

Darwin - the core open source components of OS X and iOS.

Features

XNU inherits some BSD features:

  • POSIX system calls
  • some BSD extensions
  • Mandatory Access Control (MAC)

But it is wrong to classify XNU as a BSD flavor like FreeBSD. XNU and OS X introduce a lot of specific features, including:

  • own sandboxing system
  • own file system hierarchy (with FHS preserved)
  • Apple Events and FSEvents
  • OpenDirectory - authentification system
  • SystemConfiguration - modular configuration mechanism
  • Apple System Log (ASL)
  • Apple Script
  • notifyd and distnoted - notification (IPC) mechanisms
  • launchd - initialization system, network manager and other things all-in-one
  • Mach APIs
  • IOKit framework - allows interfacing with kernel mode drivers for user space programs
  • and more...

OS X is a certified UNIX system.

Security

Code signing

OS X and iOS support code signing. In OS X it can be disabled, but in iOS it is a heavy protection mechanism, which allows only reviewed apps to be run. However, Apple sells developer and enterprise certificates, which can be used to distribute malware, a user only needs to install a profile. There also were a vulnerability, which allowed to install outdated profiles by resetting the date. Apple can easily block certificates.

Entitlements

An entitlement is simply a permission written for the binary. Even with root access it is not possible to override them. For example, running a program which uses task_for_pid Mach call under root without the required entitlements will result in an error. Entitlements are, of course, signed.

Sandboxing

This feature is present in both OS X and iOS, but in iOS it is much harder. In fact, it is a jail, which places applications inside their own environment, from which they can only access their own root. More about app sandbox [[1]].

Hybrid Kernel Design

TODO

See Also

Retrieved from "https://osdev.wiki/wiki/MacOS?oldid=16842"