Difference between revisions of "Sandbox"

Revision as of 16:13, 14 December 2011

Apple's software based Hypervisor that was introduced in iOS 2.0.

In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new sandbox.
For applications to run, they need to have a folder called _Codesign with a file inside called CodeResources
If a userland exploit was discovered in an App Store app, the CodeResources would become invalid when a file was injected.
The checks are not as hard on built in applications in the firmware [1] (only version.plist is checked to prevent a soft upgrade )

The dependency on the CodeResources file makes it vulnerable to the Incomplete Codesign Exploit

@@ Line 1: / Line 1: @@
+Apple's software based [[Wikipedia:Hypervisor|Hypervisor]] that was introduced in [[iOS]] 2.0.
-{{DISPLAYTITLE:sandbox}}
-Apple's software based [[Wikipedia:Hypervisor|Hypervisor]] that was introduced in [[firmware]] 2.0 is named [[Sandbox]].
 == Problem's ==
-*In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new Sandbox.
+*In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new sandbox.
 *For applications to run, they need to have a folder called [[_Codesign]] with a file inside called [[CodeResources]]
 *If a [[userland]] exploit was discovered in an [[App Store]] app, the [[CodeResources]] would become invalid when a file was injected.
-*The checks are not as hard on built in applications in the [[firmware]] [[http://pastebin.com/6C55pTxf]] (only version.plist is checked to prevent a [[soft_upgrade]] )
+*The checks are not as hard on built in applications in the [[firmware]] [http://pastebin.com/6C55pTxf] (only version.plist is checked to prevent a [[soft upgrade]] )
 == Exploits ==