starred/LiveContainer
1
0
Fork 0
mirror of https://github.com/LiveContainer/LiveContainer.git synced 2026-04-26 01:25:52 +03:00
Code Issues 37 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #110] JIT-less vs JIT enabled #97

New issue
Closed
opened 2026-03-03 15:30:30 +03:00 by kerem · 4 comments
kerem commented 2026-03-03 15:30:30 +03:00
Owner
Copy link

Originally created by @corysus on GitHub (Aug 6, 2024).
Original GitHub issue: https://github.com/LiveContainer/LiveContainer/issues/110

Describe the issue

First, I want to thank you for the amazing project that you and your team have made. This is something that the community needed, because the limit of 3 apps for sideloading on overpriced devices that we buy is very frustrating and unfair.

I have set up LC with JIT-less and it works very well. Now, if I understand correctly, when we use JIT-less, it reuses the certs and mobileprovision that we get from Apple, and in this case, we sign the app with limited entitlements. But if we use JIT-enabled, then we don't need to use certs to sign the app, and in that case, the app uses the entitlements that are present inside the app? If this is true, can we in that case use ldid/zsign or any other sign tool to put any entitlements that we need along with any dylib we want?

Thank you.

Instructions to reproduce

What version of LiveContainer are you using?

Version 2.0-release (main/6f954a1)

Other

No response

Originally created by @corysus on GitHub (Aug 6, 2024). Original GitHub issue: https://github.com/LiveContainer/LiveContainer/issues/110 ### Describe the issue First, I want to thank you for the amazing project that you and your team have made. This is something that the community needed, because the limit of 3 apps for sideloading on overpriced devices that we buy is very frustrating and unfair. I have set up LC with JIT-less and it works very well. Now, if I understand correctly, when we use JIT-less, it reuses the certs and mobileprovision that we get from Apple, and in this case, we sign the app with limited entitlements. But if we use JIT-enabled, then we don't need to use certs to sign the app, and in that case, the app uses the entitlements that are present inside the app? If this is true, can we in that case use `ldid/zsign` or any other sign tool to put any entitlements that we need along with any `dylib` we want? Thank you. ### Instructions to reproduce — ### What version of LiveContainer are you using? Version 2.0-release (main/6f954a1) ### Other _No response_
kerem 2026-03-03 15:30:30 +03:00
kerem commented 2026-03-03 15:30:31 +03:00
Author
Owner
Copy link

@khanhduytran0 commented on GitHub (Aug 7, 2024):

Unfortunately, it doesn’t work like that. Apple security is no joke. If you were able to use any entitlements with JIT only (including those that unsandbox, wait, is 17.0 TrollStore installation method right here?), it would be considered a security vulnerability and Apple would patch it immediately.
JIT mode just bypasses the code signature by dynamically loading unsigned executable pages only, it does not bypass AMFI/CoreTrust.

<!-- gh-comment-id:2273060178 --> @khanhduytran0 commented on GitHub (Aug 7, 2024): Unfortunately, it doesn’t work like that. Apple security is no joke. If you were able to use any entitlements with JIT only (including those that unsandbox, *wait, is 17.0 TrollStore installation method right here?*), it would be considered a security vulnerability and Apple would patch it immediately. JIT mode just bypasses the code signature by dynamically loading unsigned executable pages only, it does not bypass AMFI/CoreTrust.
kerem commented 2026-03-03 15:30:32 +03:00
Author
Owner
Copy link

@khanhduytran0 commented on GitHub (Aug 7, 2024):

To elaborate further, LiveContainer converts the main executable to a dynamic library (.dylib) before it could be loaded using a regular dlopen() call. Even if you managed to load an unpatched executable, it would not work either. AMFI only loads entitlements from the real main executable.

<!-- gh-comment-id:2273071833 --> @khanhduytran0 commented on GitHub (Aug 7, 2024): To elaborate further, LiveContainer converts the main executable to a dynamic library (`.dylib`) before it could be loaded using a regular `dlopen()` call. Even if you managed to load an unpatched executable, it would not work either. AMFI only loads entitlements from the real main executable.
kerem commented 2026-03-03 15:30:32 +03:00
Author
Owner
Copy link

@corysus commented on GitHub (Aug 7, 2024):

Ok, thank you for the detailed explanation.

<!-- gh-comment-id:2273402009 --> @corysus commented on GitHub (Aug 7, 2024): Ok, thank you for the detailed explanation.
kerem commented 2026-03-03 15:30:32 +03:00
Author
Owner
Copy link

@Johnzx07 commented on GitHub (Feb 5, 2025):

Is there a way to switch between JIT mode and JITLESS mode?

<!-- gh-comment-id:2635537832 --> @Johnzx07 commented on GitHub (Feb 5, 2025): Is there a way to switch between JIT mode and JITLESS mode?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
multitask-experimental
SecuritySignerPOC
externalstorage-poc
jitless
nightly
3.7.2
3.7.0
3.6.1
3.6.0
3.5.1
3.5.0
3.4.0
3.3.1
3.3.0
3.2.0
3.1.0
3.0.0
2.1.2
2.1.1
2.1
2.0-pre
1.0
Labels
Clear labels   
bug

   
compatibility

   
enhancement

   
multitasking

   
pull-request

Mirrored from GitHub Pull Request

  
safe area

   
status: broken

   
status: usable

   
wontfix
No labels
bug
compatibility
enhancement
multitasking
pull-request
safe area
status: broken
status: usable
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/LiveContainer#97
No description provided.