MacOS Local Security: Escaping the Sandbox and Bypassing TCC

“SomeApp would like to access files in your Documents folder.” Anyone who has used macOS recently will be familiar with these prompts. But how do they work? What happens if you deny the access? Are they an effective defense against malware?

Sandboxing on macOS was introduced 13 years ago, but Apple didn’t leave it at that. Step by step additional restrictions and new protection measures were added. Starting with the release of macOS Catalina in 2019, even non-sandboxed apps need to deal with sandbox-like restrictions for files: all apps now need to ask permission to access sensitive files, like those in the user’s documents or desktop folder. Features such as the camera and geolocation already needed user approval from a permission prompt. This system of user controlled permissions is known as Transparency, Consent, and Control (TCC). On iOS, TCC is enforced much more strongly, but Apple is slowly bringing macOS to the same level.

Any new security measure like this will also mean the introduction of new security boundaries, with completely new classes of vulnerabilities. Many parts of the system have to be re-examined to check for these vulnerabilities. For example, a malicious app can now try to attack another app in order to “steal” the permissions granted by the user to that app. Apple has taken steps to allow apps to defend themselves against this, such as the hardened runtime. Ultimately, however, it is up to the developer of an app to safeguard its permissions. Many developers are not aware of this new responsibility or do not take it seriously. Developers who are used to the security model of Windows or Linux often do not know that these boundaries even exist. To make matters worse, Apple’s documentation and APIs for these features are not as clear and easy to use as they should be.

This talk will start with an overview of local security restrictions on the latest version of macOS, Big Sur. Then, it will cover some ways these protections might be bypassed in third-party applications. Finally, we will show some vulnerabilities we found in software that allowed escaping the macOS sandbox, stealing TCC permissions and privilege escalation, such as CVE-2020-10009 in macOS and CVE-2020-24428 in Adobe Reader.

Location: Track 1 Date: May 27, 2021 Time: 2:30 pm - 3:30 pm Thijs Alkemade Daan Keuper