Security News > 2023 > August > Apple's defense against apps vandalizing other apps still broken, developer claims

Apple last year introduced a security feature called App Management that's designed to prevent one application from modifying another without authorization under macOS Ventura - but a developer claims it's not very good at its job under some circumstances.

"If an app is modified by something that isn't signed by the same development team and isn't allowed by an NSUpdateSecurityPolicy, macOS will block the modification and notify the user that an app wants to manage other apps," explained Justin Sagurton of Apple's privacy engineering team, in a video presentation at the fruity computer seller's 2022 Worldwide Developers Conference.

Alas, this particular security mechanism - available to users via System Settings -> Security & Privacy -> App Management - appears not to manage app security very well.

Last October, Jeff Johnson, who develops software for various Apple platforms through his Underpass App Company, found that sandboxed apps can bypass App Management.

Ini, in TextEdit, a macOS app, to change its behavior without triggering App Management intervention.

So the App Management hole could be used as part of an attack chain initiated through a downloaded malicious file.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/08/22/apple_macos_app_management/