Removing the __RESTRICT section protection

1. How the __RESTRICT section protection is enabled

Add the following to Other Linker Flags:

-Wl,-sectcreate,__RESTRICT,__restrict,/dev/null

to block dylib injection.

2. Inspecting the executable with MachOView

(Figure: MachOView screenshot)

With the flag set, the binary contains an additional __RESTRICT,__restrict section.
The reason can be found in Apple's open-source code (link):

if ( removedCount != 0 ) {
    dyld::log("dyld: DYLD_ environment variables being ignored because ");
    switch (sRestrictedReason) {
        case restrictedNot:
            break;
        case restrictedBySetGUid:
            dyld::log("main executable (%s) is setuid or setgid\n", sExecPath);
            break;
        case restrictedBySegment:
            dyld::log("main executable (%s) has __RESTRICT/__restrict section\n", sExecPath);
            break;
        case restrictedByEntitlements:
            dyld::log("main executable (%s) is code signed with entitlements\n", sExecPath);
            break;
    }
}

Three situations cause the DYLD_INSERT_LIBRARIES environment variable to be ignored:
1. Set restricted status by entitlements
This option is only available to applications on OS X with special entitlements.

2. setuid and setgid
Any application that makes these two calls is going to be marked as restricted by the linker as a security measure.

3. Restricted Segment of Header
The final way to mark a binary as restricted is by telling the linker to add a new segment to the binary header that is named "__RESTRICT" and has a section named "__restrict" when you compile it.
So an app built with a __RESTRICT/__restrict section ignores DYLD_INSERT_LIBRARIES.
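As an added example (not part of the original post or of Apple's code), the MachOView inspection from section 2 can be scripted as a release check that fails when a built binary no longer carries the __RESTRICT,__restrict pair. It assumes a thin 64-bit little-endian Mach-O and rejects anything else, including fat binaries; `has_restrict_section` and `build_sample` are hypothetical names, and the sample images are constructed inline.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF    # thin 64-bit little-endian Mach-O
LC_SEGMENT_64 = 0x19

def _name(raw):
    """Decode a fixed 16-byte, NUL-padded Mach-O name field."""
    return raw.split(b"\0", 1)[0].decode("ascii", "replace")

def list_sections(data):
    """Return [(segname, sectname), ...] from the LC_SEGMENT_64 load commands."""
    if len(data) < 32 or struct.unpack_from("<I", data, 0)[0] != MH_MAGIC_64:
        raise ValueError("not a thin 64-bit little-endian Mach-O")
    ncmds = struct.unpack_from("<I", data, 16)[0]
    off, found = 32, []                      # load commands follow the 32-byte header
    for _ in range(ncmds):
        if off + 8 > len(data):
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8 or off + cmdsize > len(data):
            raise ValueError("bad cmdsize")
        if cmd == LC_SEGMENT_64:
            if cmdsize < 72:
                raise ValueError("short segment command")
            seg = _name(data[off + 8:off + 24])
            nsects = struct.unpack_from("<I", data, off + 64)[0]
            if 72 + nsects * 80 > cmdsize:
                raise ValueError("section table exceeds cmdsize")
            for i in range(nsects):          # each section_64 record is 80 bytes
                s = off + 72 + i * 80
                found.append((seg, _name(data[s:s + 16])))
        off += cmdsize
    return found

def has_restrict_section(data):
    """True if the image carries the exact __RESTRICT,__restrict pair."""
    return ("__RESTRICT", "__restrict") in list_sections(data)

def build_sample(segname, sectname):
    """Constructed input: Mach-O header plus one segment holding one empty section."""
    sect = struct.pack("<16s16sQQ8I", sectname, segname, 0, 0, *([0] * 8))
    seg = struct.pack("<II16sQQQQiiII", LC_SEGMENT_64, 72 + len(sect), segname,
                      0, 0, 0, 0, 0, 0, 1, 0) + sect
    hdr = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, len(seg), 0, 0)
    return hdr + seg

if __name__ == "__main__":
    print(has_restrict_section(build_sample(b"__RESTRICT", b"__restrict")))
    print(has_restrict_section(build_sample(b"__TEXT", b"__text")))
```

Run against the real executable's bytes in a post-build step, a `False` result means the linker flag from section 1 was dropped or the shipped binary differs from the one that was built.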

3. How the __RESTRICT section protection is removed

In iHex, search for and replace all
