by Roguelazer 408 days ago
Running a parser for a network protocol as root seems like a pretty unnecessarily dumb thing to do. I can't really imagine why any part of AirPlay would need to run as root; maybe something to do with DRM? Although the DRM daemon `fairplayd` runs as a limited-privilege user `_fpsd`, so maybe not. So bizarre that Apple makes all these cool systems to sandbox code, and creates dozens of privilege-separated users on macOS, and then runs an HTTP server doing plist parsing as an unsandboxed root process.

Apple have reworked AirPlay so many times at this point the entire thing is just a massive pile of technical debt piled on another massive pile of technical debt, piled on a bunch of weird hacks to try and keep all the devices built for previous versions afloat.
At least it can be disabled via MDM/Configurator policy.
To the express benefit of all 3 Apple users that configure their devices with a PList editor.
The breaches will continue until device policy improves.
Three cheers for smart defaults!