![]() ![]() The only way Apache is getting updated is with a software update from Apple. If it's not enabled, why can't the files be removed?Īs others have said, it is part of the operating system, which resides on a read-only, cryptographically sealed volume. If it is some form of exploit that Apple knows is being actively exploited, they may update it in a security update. There are many unused software tools installed by default on macOS and they are rarely updated in any timely manner. The fact that the server is not running and would require root to enable the server does not enter into their calculus. ![]() ![]() They only understand scripts that tell them, "package x-bad, must correct." They have no capacity to understand the security model. However, you will never appease the auditors. If you disable SIP, you might be able to delete it. I'm not sure whether the http daemon is stored in the sealed snapshot or just protected by SIP. You could install that version of apache, but it won't update the built-in version. Many of our developers are using them now, and the Apache files are raising red flags with our auditors.Īside from waiting for the next security update from Apple, can I just install (upgrade) the latest version of Apache, which does contain the fixes -version 2.4.54 (the current macOS build for Apache is 2.4.53)? If it's not enabled, why can't the files be removed? I was able to get an exception to using Macs in my company. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |