[vbox-dev] wiki/Mac OS X build instructions, hardening warning

Christian Pötzsch christian.poetzsch at oracle.com
Wed Aug 31 13:49:11 GMT 2011 

Hi again,

I checked what have to be done to build a hardening version of VBox in
MacPorts. I updated http://trac.macports.org/ticket/30992 with the
detailed instructions.

Please point any relevant developers to this ticked.

Thanks
Chris

On 08/29/11 19:14, Christian Pötzsch wrote:
> Hi Ryan,
> 
> I build VBox with MacPorts and it is working. However, hardening is
> *disabled* in the portfile of VirtualBox. As I already wrote, this is
> _not_ save to use and shouldn't be done by an package installation system.
> 
> If there are any problems with building the hardening on another path as
> the default one (/Applications/VirtualBox.app/...), this should be
> reported to us and we can try (together) to solve any issues. Accounting
> how big and widely used MacPorts is, you really should consider
> disabling the port for now. Feel free to ask any questions.
> 
> Chris
> 
> On 08/28/11 19:58, Christian Pötzsch wrote:
>> Hi Ryan,
>>
>> this Wiki page is for building VirtualBox from the sources, mainly for
>> development. So a MacPorts portfile doesn't help here. Also I guess the
>> portfile will build a version for X11 and not Quartz.
>>
>> About your question about hardening: This warning says exactly what it
>> means. Don't use VBox without hardening for production builds. If you
>> don't have configured to disable hardening, I just can imagine its
>> because you build the X11 version on OSX.
>>
>> Chris
>>
>> On 8/28/11 12:27 AM, Ryan Stonecipher wrote:
>>> Hello all,
>>> I am Ryan Stonecipher and have been using VirtualBox since a few
>>> months before it was purchased by Sun - what a long way it has come!
>>> I contribute to the MacPorts project and have a couple
>>> suggestions/ideas now that one of my peers has completed a Portfile (a
>>> build recipe of sorts) for VirtualBox.
>>>
>>> I have a few suggestions for simplifying the 'Mac OS X build
>>> instructions' wiki page:
>>>   I would propose the following changes to the Prerequisites on Mac OS
>>> X section:
>>>     add '4.1 or later for Lion (available from the Mac App Store)' to
>>> the per-platform list of required XCode versions
>>>     Replace 'Some things from MacPorts' with 'MacPorts' (the
>>> virtualbox port handles its dependencies)
>>>     Remove everything after the reminder to edit paths in ~/.profile
>>> (same reason as above)
>>>   I would propose the following change to the Building VirtualBox section:
>>>     Replace everything before the 'Tips for building VirtualBox on
>>> Snow Leopard 32 bit' subsection with:
>>>       In Terminal.app, run 'sudo port install virtualbox'
>>>   I would propose the following change to th Running VirtualBox section:
>>>     Replace the entire section with:
>>>       1. In Terminal.app, run 'sudo port load virtualbox'
>>>       2. Launch /Applications/MacPorts/VirtualBox.app
>>>
>>> A MacPorts developer noted that the following warning is displayed
>>> during configuration:
>>>   Hardening is disabled. Please do NOT build packages for distribution
>>> with disabled hardening!
>>> From what little research I have done, it appears that hardening is
>>> for Linux/BSD - should it be a concern for distribution on OS X?
>>> If so, the 'Mac OS X build instructions' wiki page should probably
>>> include a detailed breakdown of what to do for hardening similar to
>>> the 'Linux build instructions' wiki page.
>>>
>>> Cheers,
>>>
>>> Ryan Stonecipher
>>> 573.489.2848
>>>
>>> _______________________________________________
>>> vbox-dev mailing list
>>> vbox-dev at virtualbox.org
>>> http://vbox.innotek.de/mailman/listinfo/vbox-dev
>>
>>
> 
> 


-- 
Dr. Christian Pötzsch                             http://www.oracle.com/
========================================================================
ORACLE Deutschland B.V. & Co. KG,
Hauptverwaltung: Riesstr. 25, D-80992 München
Registergericht: Amtsgericht München, HRA 95603

Komplementärin: ORACLE Deutschland Verwaltung B.V.
Hertogswetering 163/167, 3543 AS Utrecht, Niederlande
Handelsregister der Handelskammer Midden-Niederlande, Nr. 30143697
Geschäftsführer: Jürgen Kunz, Marcel van de Molen, Alexander van der Ven
========================================================================

More information about the vbox-dev mailing list