|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Sandbox"
m |
Planetbeing (talk | contribs) |
||
| Line 1: | Line 1: | ||
| − | Apple's software based [[Wikipedia: |
+ | Apple's software based [[Wikipedia:Mandatory access control|mandatory access control]] that was introduced in [[iOS]] 2.0. It is a higher level layer on top of the XNU implementation of the TrustedBSD MAC framework. |
== Problem's == |
== Problem's == |
||
Revision as of 23:36, 30 January 2012
Apple's software based mandatory access control that was introduced in iOS 2.0. It is a higher level layer on top of the XNU implementation of the TrustedBSD MAC framework.
Problem's
- In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new sandbox.
- For applications to run, they need to have a folder called _Codesign with a file inside called CodeResources
- If a userland exploit was discovered in an App Store app, the CodeResources would become invalid when a file was injected.
- The checks are not as hard on built in applications in the firmware [1] (only version.plist is checked to prevent a soft upgrade )
Exploits
The dependency on the CodeResources file makes it vulnerable to the Incomplete Codesign Exploit
