The Apple Sandbox: Deeper into the Quagmire

PRESENTATION SLIDES (PDF)

Apple’s Sandboxing (“SeatBelt”) has remained terra incognita since Dionysus Blazakis’s seminal work. 5 years and 300 versions later, however, much has changed. The sandbox has become the linchpin of security in iOS, and the foundation of SIP in OS X 10.11 and later.

This talk explores the sandbox in detail and fills in the gaps left by the original work. In particular, we examine the implementations on *OS and OS X, and how they differ. This includes:

– Voluntary vs. non-voluntary confinement
– Sandbox profiles, both in scheme syntax and binary form
– The MACF syscall hooks, primarily the ms_sandbox() APIs
– Sandboxd (OS X)
– ContainerManager (iOS)
– Entitlements
– Interaction with AMFI

All of this was gleaned from reverse engineering, and the techniques used will of course be demonstrated alongside.

Conference
Location: InterContinental
Date: August 25, 2016
Time: 3:00 pm - 4:00 pm
Speaker: Jonathan Levin