bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-10 21:33:27 +00:00
Code Issues Releases Wiki Activity

[PM-16530] [BRE-283] Changes to support hardening on the Mac desktop app (#12632)

Browse Source 
* [DEVOPS-1424] Changes to support hardening on the Mac desktop app

* Remove unsigned memory exception

* Remove exceptions from the local (non-MAS) mac builds as well

---------

Co-authored-by: Matt Bishop <mbishop@bitwarden.com>
This commit is contained in:
Brant DeBow
2024-12-31 15:16:31 -05:00
committed by GitHub
parent 899b16966a
commit e1778f4282
6 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/desktop/electron-builder.json
View File

@@ -133,7 +133,7 @@
"entitlements": "resources/entitlements.mas.plist", "entitlements": "resources/entitlements.mas.plist",
"entitlementsInherit": "resources/entitlements.mas.inherit.plist", "entitlementsInherit": "resources/entitlements.mas.inherit.plist",
"entitlementsLoginHelper": "resources/entitlements.mas.loginhelper.plist", "entitlementsLoginHelper": "resources/entitlements.mas.loginhelper.plist",
"hardenedRuntime": false, "hardenedRuntime": true,
"extendInfo": { "extendInfo": {
"LSMinimumSystemVersion": "12", "LSMinimumSystemVersion": "12",
"ElectronTeamID": "LTZ2PFU5D6" "ElectronTeamID": "LTZ2PFU5D6"

2
apps/desktop/resources/entitlements.desktop_proxy.inherit.plist
View File

@@ -6,5 +6,7 @@
<true/> <true/>
<key>com.apple.security.inherit</key> <key>com.apple.security.inherit</key>
<true/> <true/>
<key>com.apple.security.cs.allow-jit</key>
<true/>
</dict> </dict>
</plist> </plist>

2
apps/desktop/resources/entitlements.desktop_proxy.plist
View File

@@ -8,5 +8,7 @@
<array> <array>
<string>LTZ2PFU5D6.com.bitwarden.desktop</string> <string>LTZ2PFU5D6.com.bitwarden.desktop</string>
</array> </array>
<key>com.apple.security.cs.allow-jit</key>
<true/>
</dict> </dict>
</plist> </plist>

4
apps/desktop/resources/entitlements.mac.plist
View File

@@ -4,10 +4,6 @@
<dict> <dict>
<key>com.apple.security.cs.allow-jit</key> <key>com.apple.security.cs.allow-jit</key>
<true/> <true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<!-- <!--
<key>com.apple.developer.authentication-services.autofill-credential-provider</key> <key>com.apple.developer.authentication-services.autofill-credential-provider</key>
<true/> <true/>

4
apps/desktop/resources/entitlements.mas.inherit.plist
View File

@@ -6,9 +6,7 @@
<true/> <true/>
<key>com.apple.security.inherit</key> <key>com.apple.security.inherit</key>
<true/> <true/>
<key>com.apple.security.cs.allow-unsigned-executable-memory</key> <key>com.apple.security.cs.allow-jit</key>
<true/>
<key>com.apple.security.cs.disable-library-validation</key>
<true/> <true/>
<!-- <!--
<key>com.apple.developer.authentication-services.autofill-credential-provider</key> <key>com.apple.developer.authentication-services.autofill-credential-provider</key>

2
apps/desktop/resources/entitlements.mas.plist
View File

@@ -34,5 +34,7 @@
<string>/Library/Application Support/Microsoft Edge Canary/NativeMessagingHosts/</string> <string>/Library/Application Support/Microsoft Edge Canary/NativeMessagingHosts/</string>
<string>/Library/Application Support/Vivaldi/NativeMessagingHosts/</string> <string>/Library/Application Support/Vivaldi/NativeMessagingHosts/</string>
</array> </array>
<key>com.apple.security.cs.allow-jit</key>
<true/>
</dict> </dict>
</plist> </plist>