Opened 2 years ago
Last modified 2 years ago
#21164 new defect
Virtualbox 7.0.0 - macOS - provisioning profile
| Reported by: | kapitainsky | Owned by: | |
|---|---|---|---|
| Component: | installer | Version: | VirtualBox 7.0.0 |
| Keywords: | Cc: | ||
| Guest type: | all | Host type: | Mac OS X |
Description
Hi all,
I and other forum members noticed that the latest VB on macOS adds provisioning profile:
https://forums.virtualbox.org/viewtopic.php?f=8&t=107346
Would it be possible briefly explain what it is for? macOS profiles are very powerful thing usually used by corporate administrators to change behavior of managed computers, e.g. to install new root certs. Long story short it can have potentially security implications some of us care more than others.
Thank you for your clarification in advanced.
Kind Regards
kapitainsky
Change History (2)
comment:1 by , 2 years ago
comment:2 by , 2 years ago
Can some basic info be added to the change log https://www.virtualbox.org/wiki/Changelog-7.0#v00 and link to a KB article about the Profile?
Note:
See TracTickets
for help on using tickets.
The provisioning profile is required for using the non-GUI parts of VirtualBox. Command line tools (such as VBoxHeadless) which need access to Hypervisor.Framework can only get it through an installed provisioning profile. For macOS GUI applications it would be enough to have it in VirtualBox.app, but that would cause weird failures with headless VMs.
Oracle's profile is very minimal (we'll extend it slightly to additionally get the renamed entitlement for newer macOS versions), and we have no plans of adding crazy things to it. Certainly not adding root certs and the like.
I can understand that they're causing raised eyebrows and that such provisioning profiles are annoying to inspect. The XML content isn't that easy to read, and Apple's signature is making the whole thing a binary, ugly thing.