Removing unnecessary macOS version check (#7451)

Resolves #7321
osquery · Jan 31, 2022 · d701a22 · d701a22
1 parent 852d87b
commit d701a22
Showing 1 changed file with 0 additions and 17 deletions.
diff --git a/osquery/tables/system/darwin/signature.mm b/osquery/tables/system/darwin/signature.mm
@@ -34,28 +34,11 @@
 std::set<std::string> kCheckedArches{
     "", "i386", "ppc", "arm", "x86_64", "arm64"};
 
-int getOSMinorVersion() {
-  auto qd = SQL::selectAllFrom("os_version");
-  if (qd.size() != 1) {
-    return -1;
-  }
-
-  return tryTo<int>(qd.front().at("minor")).takeOr(-1);
-}
-
 // Get the flags to pass to SecStaticCodeCheckValidityWithErrors, depending on
 // the OS version.
 Status getVerifyFlags(SecCSFlags& flags, bool hashResources) {
-  static const auto minorVersion = getOSMinorVersion();
-  if (minorVersion == -1) {
-    return Status(-1, "Couldn't determine OS X version");
-  }
-
   flags = kSecCSStrictValidate | kSecCSCheckAllArchitectures |
           kSecCSCheckNestedCode;
-  if (minorVersion > 8) {
-    flags |= kSecCSCheckNestedCode;
-  }
 
   if (!hashResources) {
     flags |= kSecCSDoNotValidateResources;