The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Talk:Incomplete Codesign Exploit"
(cannot be patched) |
m |
||
Line 9: | Line 9: | ||
Should we decribe it or is it better to wait until Apple fixes it? --[[User:Redart|Redart]] 07:44, 21 October 2010 (UTC) |
Should we decribe it or is it better to wait until Apple fixes it? --[[User:Redart|Redart]] 07:44, 21 October 2010 (UTC) |
||
:i think it cannot be patched also the codesign need's to be patched to run jailbroken apps because codesign would kill any applications not signed by Apple --[[User:Liamchat|liamchat]] 17:56, 26 October 2010 (UTC) |
:i think it cannot be patched also the codesign need's to be patched to run jailbroken apps because codesign would kill any applications not signed by Apple --[[User:Liamchat|liamchat]] 17:56, 26 October 2010 (UTC) |
||
+ | :It is patchable, all kernel based exploits are since it is software based. --[[User:JacobVengeance|JakeAnthraX]] 18:00, 26 October 2010 (UTC) |
Revision as of 18:00, 26 October 2010
This has to be one of the most puzzling exploits in iOS. Since it was revealed in 3.1.3/3.2, Apple has yet to close it in 4.0, 4.02, or 4.1 or even 4.2 betas.
Somehow, once you stick a dynamic library or other goody with some sort of "incomplete codesign" magic in the right location and add a startup service, iOS will execute it. Perhaps Apple has no way to fix this without breaking other things? Iemit737 00:23, 10 October 2010 (UTC)
AFAIK IncompleteCodesignExploit is an exploit in WWDR Cert Checking that allows ppl to create fake entitlements. Obviously I'm not sure it works in this way. --Qwertyoruiop 00:41, 10 October 2010 (UTC)
Should we decribe it or is it better to wait until Apple fixes it? --Redart 07:44, 21 October 2010 (UTC)
- i think it cannot be patched also the codesign need's to be patched to run jailbroken apps because codesign would kill any applications not signed by Apple --liamchat 17:56, 26 October 2010 (UTC)
- It is patchable, all kernel based exploits are since it is software based. --JakeAnthraX 18:00, 26 October 2010 (UTC)