What's the worst a non-sandboxed app can do?

Question

Created Mar ’21

Replies 3

Boosts 0

Participants 2

I was curious if a non-sandboxed app (i.e. from an Unidentified Developer) can actually do anything malicious if the user does not grant any permissions to it (like Full drive access, Access to documents, etc)?

For example, can an un-sandboxed app potentially access data in sandboxed apps? Seems highly unlikely but there is absolutely no documentation on this.

Thanks!

Boost

Answer 1

DTS Engineer OP

Apple

Mar ’21

Non-sandboxed apps have a lot of privileges. While the 10.15 and later mandatory access control features have reduced these privileges to some extent, they are still far in excess those of a sandboxed app.

can an un-sandboxed app potentially access data in sandboxed apps?

Yes.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

curiouscoderr OP

Mar ’21

Thank you for the reply. This confuses me, as what is the point of a non-sandboxed app to request Full Drive Access and other permissions, if it already can read sensitive data such as data from sandboxed apps? I'm particular concerned about non-sandboxed apps accessing data from Chrome and Safari.

0

Answer 3

DTS Engineer OP

Apple

Mar ’21

Keep in mind that Mac security is a delicate balance between what’s most secure and what’s possible in the current ecosystem.

I'm particular concerned about non-sandboxed apps accessing data from
… Safari.

Safari’s critical data is protected by a Data Vault.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0