[stackskipton]

What is this report supposed to show? System level Daemons have low level access or iPhone, unlocked and having trusted the hardware I assume, can be made to reveal data? This reads like someone asked AI about debugging iPhone using their laptop, dug into some system daemons and wrote up a report acting like sky is falling when it's expected behavior. UID 0 can bypass file permissions, alert kernel developers!

Real question is, can other iOS applications trigger this data leaking behavior or can untrusted MacOS devices do this as well?

[FluGameAce007]

"Preflight=yes" bypassing user prompts is not expected or documented behavior... period.

The fact that internal system daemons can silently trigger access to TCC-protected domains (like Contacts, FaceID, Microphone, and Bluetooth) without app association or user consent breaks Apple’s own stated privacy model.

[stackskipton]

It's very possible they have good reason to do so. Phone app needs contact access to display CallerID and Microphone access to allow me to answer my call

This got flagged because you have not proven anything.

System Level Daemons and preinstall Apple developed applications are bypassing standard app level permissions. Are they doing anything nefarious with the data like sending it all to Apple or just using it to do the work people expect? You are running around acting like SystemD is doing nefarious stuff because it's bypass file permissions. Ok, it's a system daemon, not shocked, is it doing anything bad with that or just trying to make my system work out of the box as I expect.

Apple makes OS on the iPhone, they are in privileged spot.