在 Build Settings 里找到 Other Linker Flags,然后在 release 项添加:
-Wl,-sectcreate,__RESTRICT,__restrict,/dev/null
https://opensource.apple.com/source/dyld/dyld-210.2.3/src/dyld.cpp
switch (sRestrictedReason) {
case restrictedNot:
break;
case restrictedBySetGUid:
dyld::log("main executable (%s) is setuid or setgid\n", sExecPath);
break;
case restrictedBySegment:
dyld::log("main executable (%s) has __RESTRICT/__restrict section\n", sExecPath);
break;
case restrictedByEntitlements:
dyld::log("main executable (%s) is code signed with entitlements\n", sExecPath);
break;
}上面的三种情况,可以让环境变量:DYLD_INSERT_LIBRARIES 被无视
1.setuid and setgid / 可执行文件被 setuid 或 setgid 了
Any application that makes these two calls are going to be marked as restricted by the linker as a security measure.
2.Restricted Segment of Header / 可执行文件含有__RESTRICT/__restrict 这个 section
The final way to mark a binary as restricted is by telling the linker to add new section to the binary header that is named “__RESTRICT” and has a section named “__restrict” when you compile it.
3.Set restricted status by entitlements / 可执行文件被签了某个 entitlements
This option is only available to applications on OS X with special entitlements.
其中,因为Apple的审核机制,1和3不能由用户指定
所以编译生成的含有 __RESTRICT/__restrict section 的 app 会忽略 DYLD_INSERT_LIBRARIES
参考:
iOS安全—阻止tweak注入hook api
