Bug 103490

Summary: macOS: xquartz relies on SIP whitelist to install
Product: XQuartz Reporter: testy
Component: New BugsAssignee: Jeremy Huddleston Sequoia <jeremyhu>
Status: RESOLVED NOTABUG QA Contact: Jeremy Huddleston Sequoia <jeremyhu>
Severity: major    
Priority: medium    
Version: 2.7.11 (xserver-1.18.4)   
Hardware: Other   
OS: Mac OS X (All)   
Whiteboard:
i915 platform: i915 features:

Description testy 2017-10-27 17:48:53 UTC 
System Integrity Protection in macOS prevents processes writing to system locations.
There is currently a "compatibility bundle" at this location:

/System/Library/Sandbox/Compatibility.bundle/Contents/Resources/paths

These appear to be system locations that processes can write to even with SIP enabled.

When I install Xquartz I see that in the post install script its builds a font cache and puts data in these locations (that part of that compatibility list):

/System/Library/Fonts/fonts.list
/System/Library/Fonts/fonts.scale
/System/Library/Fonts/fonts.dir
/System/Library/Fonts/encodings.dir

If Apple were to remove these entries from the list in the future I think that would cause the post install script to fail, which would fail the entire install. This seems likely to happen.

Could this data be relocated elsewhere?
Comment 1 Jeremy Huddleston Sequoia 2017-10-28 15:58:43 UTC 
Not without breaking binary compatibility with shipping 3rd party apps, which is why we have them listed there.

If we ever remove the compatibility exceptions for some reason, X11 will stop finding fonts in those paths when using the older font system.  The newer font system will continue to find them because fontconfig stores that data in an external cache.

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.