←back to thread

Apple's apps bypass firewalls like LittleSnitch and LuLu on macOS Big Sur

(twitter.com)
1183 points robenkleene | 3 comments | 20 Oct 20 15:51 UTC | HN request time: 0s | source
Show context
giancarlostoro ◴[20 Oct 20 17:16 UTC] No.24839945[source]
I mean I already knew something was weird when I couldnt su into root and do... root things without a bios hack on a Mac. Thats just not how Unix works at all... The whole concept of root is you are root no exceptions.
replies(5): >>24840051 #>>24840130 #>>24840255 #>>24840451 #>>24848099 #
1. beervirus ◴[20 Oct 20 17:59 UTC] No.24840451[source]
SELinux doesn’t let root just do whatever it wants.
replies(1): >>24840962 #
2. giancarlostoro ◴[20 Oct 20 18:47 UTC] No.24840962[source]
It's typically not enabled by default though, but I suppose that's a fair point.
replies(1): >>24841399 #
3. acdha ◴[20 Oct 20 19:26 UTC] No.24841399[source]
That very much depends on what distribution you use. The Fedora/CentOS/RHEL world has had SELinux enabled by default for years. The Debian world has not but AppArmor is pretty popular there and while that's a fairly different system it hits many of the same sandboxing points. Beyond the default configuration, anyone who is following a hardening standard like CIS is going to have SELinux enabled, too.