|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Sandbox"
| Line 1: | Line 1: | ||
| + | {{DISPLAYTITLE:sandbox}} |
||
| − | #REDIRECT [[User:liamchat/Sandbox]] |
||
| + | It is apple's software based [[Wikipedia:Hypervisor|Hypervisor]] that was introduced in [[firmware]] 2.0 called [[sandbox]] |
||
| + | |||
| + | == Problem's == |
||
| + | *This made all [[App Store]]'s apps need updating to work on the new [[iOS]] |
||
| + | *For app's to run they needed to have a folder called [[_Codesign]] in it was a file called [[CodeResources]] |
||
| + | *If a [[userland]] exploit was discovered in an [[App Store]] app the [[CodeResources]] would become invalid when a file was injected |
||
| + | *The checks are not as hard on app's in the [[firmware]] [[http://pastebin.com/6C55pTxf]] (only version.plist is checked to prevent a [[soft_upgrade]] ) |
||
| + | |||
| + | == Exploit's == |
||
| + | The dependency on the [[CodeResources]] file makes it vulnerable to the [[Incomplete Codesign Exploit]] |
||
Revision as of 17:11, 27 October 2010
It is apple's software based Hypervisor that was introduced in firmware 2.0 called sandbox
Problem's
- This made all App Store's apps need updating to work on the new iOS
- For app's to run they needed to have a folder called _Codesign in it was a file called CodeResources
- If a userland exploit was discovered in an App Store app the CodeResources would become invalid when a file was injected
- The checks are not as hard on app's in the firmware [[1]] (only version.plist is checked to prevent a soft_upgrade )
Exploit's
The dependency on the CodeResources file makes it vulnerable to the Incomplete Codesign Exploit
