> According to Apple you are supposed to link to libSystem.dylib for syscalls, but there's obviously nothing stopping you from calling into the kernel directly.
As a matter of OS design, this is no longer obvious:
> A new mechanism to help thwart return-oriented programming (ROP) and similar attacks has recently been added to the OpenBSD kernel. It will block system calls that are not made via the C library (libc) system-call wrappers.
As a matter of OS design, this is no longer obvious:
https://lwn.net/Articles/806776/
> A new mechanism to help thwart return-oriented programming (ROP) and similar attacks has recently been added to the OpenBSD kernel. It will block system calls that are not made via the C library (libc) system-call wrappers.
MacOS doesn't implement that, sure, but it could.