by vbezhenar 2624 days ago
Don't trust the Android, iOS or macOS sandbox. Google invests huge amounts of development time and research into the Google Chrome JavaScript sandbox. It is the real wild west; there are malicious actors who want to break that sandbox. There are multiple layers of protection. Yet there are successful attacks. Far fewer people are trying to break the Android or iOS sandbox, because you can just ask for permission on Android and because Apple can kick a bad app from the store and prevent infestation. It means that the security of those sandboxes is worse: there are many undiscovered (or undisclosed) holes.

Check out the history of the Java sandbox with its numerous vulnerabilities. I have no reason to expect anything different from built-in sandboxes. It's like relying on unix user permissions and allowing anything to run under an untrusted user. Works in theory, but you'll be owned pretty soon, because local root escalation vulnerabilities are not that rare.

These days the only sandbox I would trust is the JavaScript one. It's battle tested.

1 comment

> because you can just ask for permission from Android

You cannot ask for permission to bypass sandbox restrictions on Android. You need root access, which means physical access to do things like unlock the bootloader, or an exploit.

The iOS sandbox seems slightly weaker here due to the use of hidden/private functions to protect certain things; sideloaded apps would likely be a bigger risk on iOS than on Android at the moment, but that's not something unresolvable.

In any case, the things you're discussing aren't really so problematic - isolation systems are only getting better, and OS-level ones are improving every day. We could easily have sandboxes at this level just as secure as the JavaScript ones.