The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information.

Sandbox

From The iPhone Wiki
Revision as of 16:13, 14 December 2011 by Dialexio (talk | contribs)
Jump to: navigation, search

Apple's software based Hypervisor that was introduced in iOS 2.0.

Problem's

  • In addition to the new set of frameworks in 2.0, applications had to be tweaked to use the new sandbox.
  • For applications to run, they need to have a folder called _Codesign with a file inside called CodeResources
  • If a userland exploit was discovered in an App Store app, the CodeResources would become invalid when a file was injected.
  • The checks are not as hard on built in applications in the firmware [1] (only version.plist is checked to prevent a soft upgrade )

Exploits

The dependency on the CodeResources file makes it vulnerable to the Incomplete Codesign Exploit

More Info

http://iphonedevwiki.net/index.php/Seatbelt

Retrieved from "https://www.theiphonewiki.com/w/index.php?title=Sandbox&oldid=22860"