Application developer for Mac and iOS Jeff Johnson (Jeff Johnson) discovered a flaw in the implementation of the protection of privacy in the macOS, which can be exploited in order to view the folders with restricted access. The problem affects all versions of macOS Mojave, including 10.14.3 Supplemental Update, submitted on 7 February.
In the version of Mojave access to certain folders is forbidden by default, for example, to ~/Library/Safari. The operating system provides access to this folder only for multiple applications, in particular, Finder. However, Johnson managed to find a method to bypass the protection that allows applications to “see” in ~/Library/Safari without any permissions from the system or user and view your browsing history in the browser.
In an interview to share BleepingComputer developer said that he identified a vulnerability in the process of working on a native application.
“I used one API, whose name I will not disclose, and realized that they could use the same API to read the contents of restricted folders. So the bypass is not difficult, just need knowledge of Mac developer,” said Johnson. He also added that the technique has several limitations and does not provide free access for all. More information about the method he has provided.
Last year, Johnson reported another similar vulnerability that affected the Automator application to automate operations in Wt. This issue allowed you to circumvent the protection of privacy in the Contacts (“Contacts”) and copy its contents to the folder you created. In addition, the developer has revealed a number of shortcomings, including the problem in the implementation of the command line tool tccutil and the ability to use other apps with user-provided permissions to access critical data or locations.
Apple has eliminated the associated with Automator vulnerability with the release of macOS Mojave 10.14.3 Supplemental Update, but the other problems still remain uncorrected.
Read more •••