Difference between revisions of "Sandbox"

From The iPhone Wiki
Line 1: Line 1:
 
{{DISPLAYTITLE:sandbox}}
 
{{DISPLAYTITLE:sandbox}}
It is apple's software based [[Wikipedia:Hypervisor|Hypervisor]] that was introduced in [[firmware]] 2.0 called [[sandbox]]
+
Apple's software based [[Wikipedia:Hypervisor|Hypervisor]] that was introduced in [[firmware]] 2.0 is named [[Sandbox]].
   
 
== Problem's ==
 
== Problem's ==
  +
*In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new Sandbox.
*This made all [[App Store]]'s apps need updating to work on the new [[iOS]]
 
*For app's to run they needed to have a folder called [[_Codesign]] in it was a file called [[CodeResources]]
+
*For applications to run, they need to have a folder called [[_Codesign]] with a file inside called [[CodeResources]]
*If a [[userland]] exploit was discovered in an [[App Store]] app the [[CodeResources]] would become invalid when a file was injected
+
*If a [[userland]] exploit was discovered in an [[App Store]] app, the [[CodeResources]] would become invalid when a file was injected.
 
*The checks are not as hard on app's in the [[firmware]] [[http://pastebin.com/6C55pTxf]] (only version.plist is checked to prevent a [[soft_upgrade]] )
 
*The checks are not as hard on app's in the [[firmware]] [[http://pastebin.com/6C55pTxf]] (only version.plist is checked to prevent a [[soft_upgrade]] )
   
== Exploit's ==
+
== Exploits ==
 
The dependency on the [[CodeResources]] file makes it vulnerable to the [[Incomplete Codesign Exploit]]
 
The dependency on the [[CodeResources]] file makes it vulnerable to the [[Incomplete Codesign Exploit]]
  +
  +
== More Info ==
  +
http://iphonedevwiki.net/index.php/Seatbelt
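
Review bot: The firmware-checks bullet still wraps its external link in double square brackets ("[[http://pastebin.com/6C55pTxf]]"), which the saved revision renders as "[[1]]"; an external link takes single brackets, preferably with a label describing what the paste contains. The edit also corrects "== Exploit's ==" to "== Exploits ==" but leaves "== Problem's ==" and "app's" in the same bullet unchanged, so the apostrophe fix should be carried through to both. The reworded bullets gain a full stop in one case ("when a file was injected.") but not in the others, so the list punctuation is now inconsistent.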

Revision as of 13:45, 28 October 2010

Apple's software-based Hypervisor that was introduced in firmware 2.0 is named Sandbox.

Problems

  • In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new Sandbox.
  • For applications to run, they need to have a folder called _Codesign with a file inside called CodeResources.
  • If a userland exploit was discovered in an App Store app, the CodeResources would become invalid when a file was injected.
  • The checks are not as strict on apps in the firmware [1] (only version.plist is checked, to prevent a soft_upgrade).
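
The bullet about CodeResources becoming invalid after a file is injected can be shown with a small integrity check. This is an added example, not code from the wiki or from Apple; the manifest layout (a plist whose "files" dictionary maps each path to a SHA-1 digest) is a simplified assumption, and the file names and contents are constructed.

```python
import hashlib
import plistlib


def build_manifest(files):
    """Serialize a CodeResources-style plist: {'files': {path: SHA-1 digest}}."""
    digests = {path: hashlib.sha1(data).digest() for path, data in files.items()}
    return plistlib.dumps({"files": digests})


def verify_bundle(manifest_bytes, files):
    """Compare bundle contents with the manifest and report every mismatch."""
    sealed = plistlib.loads(manifest_bytes).get("files", {})
    report = {"modified": [], "missing": [], "unlisted": []}
    for path in sorted(sealed):
        if path not in files:
            report["missing"].append(path)      # sealed file was deleted
        elif hashlib.sha1(files[path]).digest() != sealed[path]:
            report["modified"].append(path)     # contents no longer match
    # Files present in the bundle but never sealed, e.g. an injected file.
    report["unlisted"] = sorted(set(files) - set(sealed))
    return report


def is_valid(report):
    """The bundle is valid only if no category contains an entry."""
    return not any(report.values())


# Constructed sample bundle (hypothetical names and contents).
ORIGINAL = {
    "Info.plist": b"<plist>demo</plist>",
    "icon.png": b"\x89PNG demo",
    "strings.txt": b"hello",
}
# The real manifest is itself protected by the code signature; not modelled here.
MANIFEST = build_manifest(ORIGINAL)


def tampered_copy():
    """Return the bundle with one file changed and one file added."""
    bundle = dict(ORIGINAL)
    bundle["icon.png"] = b"\x89PNG changed"
    bundle["extra.bin"] = b"added after sealing"
    return bundle


if __name__ == "__main__":
    print(verify_bundle(MANIFEST, ORIGINAL))
    print(verify_bundle(MANIFEST, tampered_copy()))
```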

Exploits

The dependency on the CodeResources file makes it vulnerable to the Incomplete Codesign Exploit.

More Info

http://iphonedevwiki.net/index.php/Seatbelt