As the front line in the defence against most attacks on macOS, it’s vital that Safari can be updated more quickly and easily, but the mechanism of its storage and updating also need to be robust and not a vulnerability. Among these is Safari and its supporting components including WebKit. While the SSV is wonderfully secure, its security thus gets in the way of updates, so Apple has moved some components that are likely to be updated individually and more often, out of the SSV. Apple has been improving macOS update download size and time taken to install, but these will remain substantial because of what has to be done. To make even the smallest of changes in that, the update has to be installed first on the System volume, a snapshot is made of that and cryptographically sealed using a tree of hashes, then your Mac has to restart from that snapshot.īecause of the structure of the system, even small changes have to be accompanied by changes in other files, most importantly some large components, the dyld caches, and changes in the kernel and its extensions have to be incorporated in other collections used during the boot process. This is because almost all of macOS is locked away in a read-only snapshot of your Mac’s System volume. Since the introduction of the Signed System Volume (SSV) in Big Sur, macOS updates have been large and complex to install. This article explains why they’ve been introduced, what they do, and how you remain in control of them. Yesterday Apple released the first of a new type of update that we’re likely to see more of in the future: a Rapid Security Response, or RSR.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |