How do I get swift binaries to work suid?

Privacy & Security General
ve6yeq OP
Created Jul ’15
Replies 1
Boosts 0
Views 2k
Participants 2

Hi All,


I am attempting to implement a "restricted binary" (i.e. suid program) in swift. The issue that I have not found a way around is that all swift applications bundle the swift runtime with them and "restricted binaries" are blocked by dyld from loading dylibs using @rpath or @executable or @loader_path.


dyld: warning, LC_RPATH @executable_path/../Frameworks in /Users/USER/TestApp.app/Contents/MacOS/TestApp being ignored in restricted program because of @executable_path
dyld: Library not loaded: @rpath/libswiftAppKit.dylib
  Referenced from: /Users/USER/TestApp.app/Contents/MacOS/TestApp
  Reason: image not found


Xcode 6.4 generates swift binaries that reference the swift runtime via RPATH (i.e. rpath = @executable/../Frameworks and @rpath/libswiftAppKit.dylib) and I have tried using install_name_tool to change these references to @executable or @loader_path but it appears that all of the "@" paths are blocked by dyld.


Dyld Error Message:
  Library not loaded: @loader_path/../Frameworks/libswiftAppKit.dylib
  Referenced from: /Users/USER/TestApp.app/Contents/MacOS/TestApp
  Reason: unsafe use of @loader_path in /Users/USER/TestApp.app/Contents/MacOS/TestApp with restricted binary


Any ideas on how to use swift? Or do I have to just use Objective-C?


Thanks,


CraigN

Replies  1
Boosts  0
Views  2k
Participants  2
DTS Engineer OP
Apple
Jul ’15

I am attempting to implement a "restricted binary" (i.e. suid program) in swift.

Why?

setuid binaries are prone to security vulnerabilities and we recommend that you avoid them on current systems.

Share and Enjoy

Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
0
How do I get swift binaries to work suid?
First post date Last post date
 
 
Q