Session 5: Cybersecurity
WPES ’19, November 11, 2019, London, United Kingdom

State of the Sandbox: Investigating macOS Application Security

Maximilian Blochberger, Jakob Rieck, Christian Burkert, Tobias Mueller, Hannes Federrath
University of Hamburg, Germany

ABSTRACT

Sandboxing is a way to deliberately restrict applications accessing resources that they do not need to function properly. Sandboxing is intended to limit the effect of potential exploits and to mitigate overreach to personal data. Since June 1, 2012, sandboxing is a mandatory requirement for apps distributed through the Mac App Store (MAS). In addition, Apple has made it easier for developers to specify sandbox entitlements – capabilities that allow the app to access certain resources. However, sandboxing is still optional for macOS apps distributed outside Apple’s official app store. This paper provides two contributions.

Application Security. In 18th Workshop on Privacy in the Electronic Society (WPES ’19), November 11, 2019, London, UK. ACM, New York, NY, USA, 12 pages. https://doi.org/110.1145/3338498.3358654

1 INTRODUCTION

In an effort to protect the privacy of its millions of customers, Apple has over time added capability restrictions to apps that are distributed via their official App Store for iOS and macOS. On iOS, these restrictions are mandatory, as the App Store is the sole option to install apps. On macOS however, apps can still be installed from