From bc82d7988b8a076bb12c128c9b3555bbed398d73 Mon Sep 17 00:00:00 2001
From: Russell Hancox <russellhancox@users.noreply.github.com>
Date: Mon, 22 Jul 2019 17:05:34 -0400
Subject: [PATCH] santad: Add /usr/lib/dyld to critical system binaries (#376)

dyld is also authorized by santad and a bad cache eviction plus trustd/ocspd not running can result in deadlock.

Fixes #375, probably.
---
 Source/santad/DataLayer/SNTRuleTable.m | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Source/santad/DataLayer/SNTRuleTable.m b/Source/santad/DataLayer/SNTRuleTable.m
index 6f5b58081..53459e6fd 100644
--- a/Source/santad/DataLayer/SNTRuleTable.m
+++ b/Source/santad/DataLayer/SNTRuleTable.m
@@ -41,7 +41,8 @@ @implementation SNTRuleTable
 
 - (NSArray *)criticalSystemBinaryPaths {
   return @[
-    @"/usr/libexec/trustd", @"/usr/sbin/securityd", @"/usr/libexec/xpcproxy", @"/usr/sbin/ocspd"
+    @"/usr/libexec/trustd", @"/usr/sbin/securityd", @"/usr/libexec/xpcproxy",
+    @"/usr/sbin/ocspd", @"/usr/lib/dyld"
   ];
 }