morgan pushed to branch main at The Tor Project / Applications / tor-browser-build
Commits:
- 
429a5220
by Nicolas Vigier at 2024-10-31T17:35:09+01:00
2 changed files:
Changes:
| 1 | +<?xml version="1.0" encoding="UTF-8"?>
 | |
| 2 | +<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 | |
| 3 | +<!--
 | |
| 4 | +     Entitlements to apply to the tor process executable.
 | |
| 5 | +-->
 | |
| 6 | +<plist version="1.0">
 | |
| 7 | +  <dict>
 | |
| 8 | +    <!-- tor needs this when connecting to PoW onion-services.
 | |
| 9 | +         See tor-browser#43250 and tor#40988 -->
 | |
| 10 | +    <key>com.apple.security.cs.allow-unsigned-executable-memory</key><true/>
 | |
| 11 | + | |
| 12 | +    <!-- Allow loading third party libraries to support pkcs11 modules -->
 | |
| 13 | +    <key>com.apple.security.cs.disable-library-validation</key><true/>
 | |
| 14 | + | |
| 15 | +    <key>com.apple.security.cs.allow-jit</key><true/>
 | |
| 16 | +  </dict>
 | |
| 17 | +</plist> | 
| ... | ... | @@ -82,6 +82,7 @@ $rcodesign sign \ | 
| 82 | 82 |    --code-signature-flags Contents/Frameworks/ChannelPrefs.framework:runtime \
 | 
| 83 | 83 |    --code-signature-flags Contents/MacOS/plugin-container.app:runtime \
 | 
| 84 | 84 |    --code-signature-flags Contents/MacOS/media-plugin-helper.app:runtime \
 | 
| 85 | +  --entitlements-xml-path Contents/MacOS/Tor/tor:/signing/tor-browser-build/tools/signing/macos-entitlements/tor.xml \
 | |
| 85 | 86 |    --entitlements-xml-path Contents/MacOS/plugin-container.app:/signing/tor-browser-build/tools/signing/macos-entitlements/plugin-container.xml \
 | 
| 86 | 87 |    --entitlements-xml-path Contents/MacOS/media-plugin-helper.app:/signing/tor-browser-build/tools/signing/macos-entitlements/media-plugin-helper.xml \
 | 
| 87 | 88 |    --entitlements-xml-path /signing/tor-browser-build/tools/signing/macos-entitlements/firefox.browser.xml \
 |