Git-Mirrors/privacyguides.org
1
0
Fork 0
mirror of https://github.com/privacyguides/privacyguides.org.git synced 2025-04-23 00:29:23 -04:00
Code Issues Packages Projects Releases Wiki Activity

move app revocation checks

Browse Source
This commit is contained in:
mfwmyfacewhen 2023-08-09 04:29:21 -05:00 committed by GitHub
parent e0d81ac98b
commit 6259f964f4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
docs/os/macos-overview.md
View File

@ -129,12 +129,6 @@ macOS employs defense in depth by relying on multiple layers of software and har
macOS allows you to install beta updates. These are unstable and may come with extra telemetry since they're for testing purposes. Because of this, we recommend you avoid beta software in general.
### App Revocation Checks
macOS performs online OCSP checks using HTTPS encryption when you open an app to verify whether an app contains known malware, and whether the developers signing certificate is revoked.
We recommend against blocking these checks.
#### Signed System Volume
macOS's system components are protected in a read-only signed system volume, meaning that neither you nor malware can alter important system files.
@ -149,6 +143,12 @@ System Integrity Protection makes critical file locations read-only to protect a
#### Application Security
### App Revocation Checks
macOS performs online OCSP checks using HTTPS encryption when you open an app to verify whether an app contains known malware, and whether the developers signing certificate is revoked.
We recommend against blocking these checks.
##### App Sandbox
macOS apps downloaded from the App Store are required to use the [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox). You should avoid non-App Store software as much as possible.