Reputation: 5334
Debug info as dSYM file a security risk for disassembly?
I'm compiling a software on Mac OS X, and I don't want to expose the internals of it. But it would be great if I could use crashlogs sent by the users to inspect the crash reasons. I fear that the debug info generation as dSYM file exposes the internals of my app (the dSYM files not being distributed, anyway), so my question(s) is (are):
Does the dSYM file generation modify the generated application binary? If it does, how does it modify the binary? Is it a security risk for my intellectual property (e.g. is disassembly easier with dSYM file generation)?
Thanks.
Upvotes: 1
Views: 701
Answers (1)
Reputation: 11594
The only thing the dSYM would provide to someone trying to disassemble your code is routine and symbol names that might have otherwise been stripped by the deployment build.
This only applies to unexported C and C++ routines. Routines names from Objective-C code gets included no matter what.
So unless you're worried about revealing the names of your C routines, I don't see any security risk.
Upvotes: 3
Related Questions
- Xcode archive not creating DSYM file
- What's the dSYM and how to use it? (iOS SDK)
- Can clang build executables with "dsym" debug information?
- Is striping certain information from a C++ binary safe?
- Dsymutil warning "no debug symbols in executable"
- How can I symbolicate without archive but have .dsym files?
- Can't get XCode 3.2.2 to generate dSYM file
- Are dSYM files necessary during development?
- Can I still symbolicate a distribution build that stripped its debug symbols?
- Why does GDB say "no line number info available" when symbolizing a crash dump using dSYM file?