vuradventure.blogg.se

Apple sandbox






When iOS apps run, they have to operate within a sandbox, sometimes figuratively referred to as Apple’s or the iOS walled garden. At present apps running in OS X are only expected to do so when they are purchased from the App Store, although with macOS Sierra Apple is expected to encourage all app developers to run their apps in a sandbox.

A sandbox restricts an app’s access to operating system resources. In the event that a vulnerability in that app (or which affects the app) is exploited, the sandbox should remain intact, and continue to prevent that app from doing what it shouldn’t.

Consider an app which only reads PDF files, and cannot write to them. In its sandbox profile, it will tell OS X that it needs to be able to open files to read, but not to write them. If a hacker then discovered a vulnerability in that app which they tried to use to encrypt those files and save them, OS X would not allow the app to write those files, because its sandbox profile does not permit it to write files.

If an app does not run in a sandbox, there is no built-in system to prevent it from doing anything that the user who runs the app can do. So when run by an admin user, a hijacked app could encrypt all that user’s documents, and run rife through many very sensitive folders. Given a quick authentication dialog, it could also do nasty things to even more important files, although SIP now prevents it from touching key system files.

The sandbox mechanism is operated for the kernel by a kernel extension named Sandbox.kext in /System/Library/Extensions, which provides the sandboxd daemon and its support. An app’s sandbox profile is delivered within the app itself, and those for OS X components are kept in /System/Library/Sandbox/Profiles and /usr/share/sandbox.

Common features which can be restricted by a sandbox profile include:

  • networking to receive incoming connections.
  • read-only or read-write access to files selected by the user in an Open or Save dialog.
  • read-only or read-write access to files in standard locations such as ~/Music.
  • access to Bluetooth, USB devices, and other hardware.
  • access to contents of the user’s calendars and other data.

There are two checks to see whether an app runs in a sandbox: first, look in ~/Library/Containers/ to see if that app has a container folder there, containing the resources such as the preference file which it uses.
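The container-folder check this page describes (looking in ~/Library/Containers/ for the app's folder and its preference file), as an added Python example that is not part of the original article. It assumes the container folder is named after the app's bundle identifier and keeps preferences under Data/Library/Preferences; the com.example.* apps and the temporary directory tree are constructed sample data so the check runs offline.

```python
import plistlib
import tempfile
from pathlib import Path


def bundle_identifier(app_path):
    """Read CFBundleIdentifier from <app>/Contents/Info.plist."""
    with open(Path(app_path) / "Contents" / "Info.plist", "rb") as fh:
        return plistlib.load(fh)["CFBundleIdentifier"]


def container_check(app_path, containers_root=None):
    """Look for the app's container folder and list the preference files in it."""
    root = Path(containers_root or Path.home() / "Library" / "Containers")
    bundle_id = bundle_identifier(app_path)
    # Assumption: the container folder is named after the bundle identifier.
    container = root / bundle_id
    prefs_dir = container / "Data" / "Library" / "Preferences"
    prefs = sorted(p.name for p in prefs_dir.glob("*.plist")) if prefs_dir.is_dir() else []
    return {"bundle_id": bundle_id, "has_container": container.is_dir(), "preferences": prefs}


def make_app(parent, name, bundle_id):
    """Build a minimal constructed .app bundle holding only an Info.plist."""
    contents = Path(parent) / name / "Contents"
    contents.mkdir(parents=True)
    with open(contents / "Info.plist", "wb") as fh:
        plistlib.dump({"CFBundleIdentifier": bundle_id}, fh)
    return contents.parent


def demo():
    """Run the check on a constructed tree: one app with a container, one without."""
    with tempfile.TemporaryDirectory() as tmp:
        containers = Path(tmp) / "Library" / "Containers"
        boxed = make_app(tmp, "Reader.app", "com.example.reader")
        unboxed = make_app(tmp, "Tool.app", "com.example.tool")
        prefs = containers / "com.example.reader" / "Data" / "Library" / "Preferences"
        prefs.mkdir(parents=True)
        with open(prefs / "com.example.reader.plist", "wb") as fh:
            plistlib.dump({"LastOpened": "sample.pdf"}, fh)
        return container_check(boxed, containers), container_check(unboxed, containers)


if __name__ == "__main__":
    for result in demo():
        print(result)
```

On a Mac, call container_check("/Applications/SomeApp.app") with no second argument to test against the real ~/Library/Containers.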







