Wednesday, September 9, 2020

Mac App Store Sandbox Escape by Bypassing Initialization

Saagar Jha (via Jeff Johnson):

In January I discovered a flaw in the implementation of the sandbox initialization procedure on macOS that would allow malicious applications distributed through the Mac App Store to circumvent the enforcement of these restrictions and silently perform unauthorized operations, including actions such as accessing sensitive user data. Apple has since implemented changes in the Mac App Store to address this issue and the technique outlined below should no longer be effective.


Apple checks for the presence of the entitlement in all apps submitted for review, and its mere existence magically places the process in a sandbox by the time code execution reaches main. But the process isn’t actually magic at all: it’s performed by a function called _libsecinit_initializer inside the library libsystem_secinit.dylib, also located at /usr/lib/system[…]


As you may have guessed, this process is problematic. In fact, there are actually multiple issues, each of which allows an application with the entitlement to bypass the sandbox initialization process.

But it sounds like Apple’s fix is via the App Store approval process, rather than enforcing at runtime that apps with the entitlement are sandboxed, so it may not work in all cases.

Csaba Fitzl:

To disable sandbox via Interposing is a long known technique. +SB on macOS is voluntary, except the platform profile, that applies to everyone.

Adam Chester:

Few nights working on this but finally found another sandbox escape for Microsoft Word on MacOS 10.15.6. Chains a few techniques, MS locked it down well since last time.


Comments RSS · Twitter

Leave a Comment