From 4d6be3d2487b6896e1ae70e2ddd4d2f395e39b31 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kyle.spearrin@gmail.com>
Date: Fri, 23 Aug 2019 12:30:30 -0400
Subject: [PATCH] hardened runtime entitlements

---
 src/safari/desktop/desktop.entitlements | 6 +++++-
 src/safari/safari/safari.entitlements   | 4 ++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/safari/desktop/desktop.entitlements b/src/safari/desktop/desktop.entitlements
index f2ef3ae026..b848666d0d 100644
--- a/src/safari/desktop/desktop.entitlements
+++ b/src/safari/desktop/desktop.entitlements
@@ -4,7 +4,11 @@
 <dict>
     <key>com.apple.security.app-sandbox</key>
     <true/>
-    <key>com.apple.security.files.user-selected.read-only</key>
+    <key>com.apple.security.files.user-selected.read-write</key>
     <true/>
+	<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+	<true/>
+	<key>com.apple.security.cs.disable-library-validation</key>
+	<true/>
 </dict>
 </plist>
diff --git a/src/safari/safari/safari.entitlements b/src/safari/safari/safari.entitlements
index 85c03d7b48..c7e6e71dee 100644
--- a/src/safari/safari/safari.entitlements
+++ b/src/safari/safari/safari.entitlements
@@ -10,5 +10,9 @@
 	<true/>
 	<key>com.apple.security.network.server</key>
 	<true/>
+	<key>com.apple.security.cs.allow-unsigned-executable-memory</key>
+	<true/>
+	<key>com.apple.security.cs.disable-library-validation</key>
+	<true/>
 </dict>
 </plist>