Well, compromising a kext would be a significant 0wn and quite difficult to explain away.
I can see how Apple would be cagey and reluctant: although it’s technically feasible to revoke compromised publishers imagine the hysteria “OMG Apple kernel got 0wnd!”, “Apple kernel phones home to spy your extensions!”, “Apple can remotely brick your Mac with key revocation!”
It’s bull of course...
... I guess FUSE is one kernel service Apple should just provide out of the box
I can see how Apple would be cagey and reluctant: although it’s technically feasible to revoke compromised publishers imagine the hysteria “OMG Apple kernel got 0wnd!”, “Apple kernel phones home to spy your extensions!”, “Apple can remotely brick your Mac with key revocation!”
It’s bull of course...
... I guess FUSE is one kernel service Apple should just provide out of the box