一、正向如何启用__RESTRICT section保护
在Other Linker Flags中添加:
-Wl,-sectcreate,__RESTRICT,__restrict,/dev/null
来阻止dylib注入。
二、使用MachOView来查看可执行文件信息
MachOView截图
会发现设置后,会多了__RESTRICT,__restrict section
原因去apple的opensource找 链接地址
if ( removedCount != 0 ) {
dyld::log("dyld: DYLD_ environment variables being ignored because ");
switch (sRestrictedReason) {
case restrictedNot:
break;
case restrictedBySetGUid:
dyld::log("main executable (%s) is setuid or setgid\n", sExecPath);
break;
case restrictedBySegment:
dyld::log("main executable (%s) has __RESTRICT/__restrict section\n", sExecPath);
break;
case restrictedByEntitlements:
dyld::log("main executable (%s) is code signed with entitlements\n", sExecPath);
break;
}
}
三种情况,可以让环境变量:DYLD_INSERT_LIBRARIES被无视
1.Set restricted status by entitlements
This option is only available to applications on OS X with special entitlements.
2.setuid and setgid
Any application that makes these two calls are going to be marked as restricted by the linker as a security measure.
3.Restricted Segment of Header
The final way to mark a binary as restricted is by telling the linker to add new section to the binary header that is named “__RESTRICT” and has a section named “__restrict” when you compile it.
所以编译生成的含有__RESTRICT/__restrict section的app会忽略DYLD_INSERT_LIBRARIES。
三、去掉__RESTRICT section的保护方法
在iHex中搜索并替换所有
