Sandboxing is the practice of running an application in a restricted, secure environment that limits the access rights granted to the application's code.

Sandbox technology provides strict control over resources. By restricting access to memory, system files and settings, a sandbox lets an organization execute potentially malicious code and observe its activity and intent without affecting the host device. Applying this analysis to code entering the enterprise network means that even zero-day exploits can be discovered, by examining the code for malicious intent.

About App Sandbox

App Sandbox is an access control technology provided in macOS, enforced at the kernel level. It is designed to contain damage to the system and the user’s data if an app becomes compromised. Apps distributed through the Mac App Store must adopt App Sandbox. Apps signed and distributed outside of the Mac App Store with Developer ID can (and in most cases should) use App Sandbox as well.

At a Glance

Complex systems will always have vulnerabilities, and software complexity only increases over time. No matter how carefully you adopt secure coding practices and guard against bugs, attackers only need to get through your defenses once to succeed. While App Sandbox doesn’t prevent attacks against your app, it does minimize the harm a successful one can cause.

A non-sandboxed app has the full rights of the user who is running that app, and can access any resources that the user can access. If that app or any framework it is linked against contains security holes, an attacker can potentially exploit those holes to take control of that app, and in doing so, the attacker gains the ability to do anything that the user can do.

Designed to mitigate this problem, the App Sandbox strategy is twofold:

  1. App Sandbox enables you to describe how your app interacts with the system. The system then grants your app the access it needs to get its job done, and no more.

  2. App Sandbox allows the user to transparently grant your app additional access by way of Open and Save dialogs, drag and drop, and other familiar user interactions.

App Sandbox is not a silver bullet. Apps can still be compromised, and a compromised app can still do damage. But the scope of potential damage is severely limited when an app is restricted to the minimum set of privileges it needs to get its job done.

App Sandbox is Based on a Few Straightforward Principles

By limiting access to sensitive resources on a per-app basis, App Sandbox provides a last line of defense against the theft, corruption, or deletion of user data, or the hijacking of system hardware, if an attacker successfully exploits security holes in your app. For example, a sandboxed app must explicitly state its intent to use any of the following resources using entitlements:

  • Hardware (Camera, Microphone, USB, Printer)

  • Network Connections (Inbound or Outbound)

  • App Data (Calendar, Location, Contacts)

  • User Files (Downloads, Pictures, Music, Movies, User Selected Files)

Access to any resource not explicitly requested in the project definition is rejected by the system at run time. If you are writing a sketch app, for example, and you know your app will never need access to the microphone, you simply don’t ask for access, and the system knows to reject any attempt your (perhaps compromised) app makes to use it.
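The resource categories above each map to entitlement keys in the app's `.entitlements` file. As an added example (not Apple's code), the following script audits an entitlements plist the way a reviewer would: it confirms App Sandbox is enabled, reports which categories the app actually requests, and lists any keys it does not recognise. The entitlement keys are Apple's documented ones; the grouping, the `audit_entitlements` function and the sketch-app sample plist are this example's own.

```python
import plistlib

# Apple's App Sandbox entitlement keys, grouped by the resource categories
# listed in the text. The grouping is this example's, not Apple's.
SANDBOX_KEY = "com.apple.security.app-sandbox"
RESOURCE_KEYS = {
    "hardware": ["com.apple.security.device.camera",
                 "com.apple.security.device.microphone",
                 "com.apple.security.device.usb",
                 "com.apple.security.print"],
    "network": ["com.apple.security.network.client",    # outbound
                "com.apple.security.network.server"],   # inbound
    "app-data": ["com.apple.security.personal-information.calendars",
                 "com.apple.security.personal-information.location",
                 "com.apple.security.personal-information.addressbook"],
    "user-files": ["com.apple.security.files.user-selected.read-only",
                   "com.apple.security.files.user-selected.read-write",
                   "com.apple.security.files.downloads.read-write",
                   "com.apple.security.assets.pictures.read-write"],
}


def audit_entitlements(plist_bytes: bytes) -> dict:
    """Report which resource categories an entitlements plist requests.

    Only a key set to boolean true counts as requested: a key that is
    absent or false grants nothing, so the system rejects that access.
    """
    ents = plistlib.loads(plist_bytes)
    known = {k for keys in RESOURCE_KEYS.values() for k in keys} | {SANDBOX_KEY}
    return {
        "sandboxed": ents.get(SANDBOX_KEY) is True,
        "requested": {cat: [k for k in keys if ents.get(k) is True]
                      for cat, keys in RESOURCE_KEYS.items()},
        # Keys outside the table (e.g. temporary exceptions) need manual review.
        "unreviewed": sorted(k for k in ents if k not in known),
    }


# Constructed sample: a sketch app that opens and saves user-chosen files and
# reaches a server, but never asks for the microphone (explicit false = absent).
SKETCH_APP_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.files.user-selected.read-write</key><true/>
  <key>com.apple.security.network.client</key><true/>
  <key>com.apple.security.device.microphone</key><false/>
</dict></plist>"""

if __name__ == "__main__":
    print(audit_entitlements(SKETCH_APP_ENTITLEMENTS))
```

On a built app the same plist can be extracted for auditing with `codesign -d --entitlements :- /path/to/App.app`.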
