[Security Risk] Files available within the “files” app are public (not sandboxed) + camera permission grants access to dot projector
Files visible within the “files” app are public system wide and fair game for access from any app without user permissions.
What a gross oversight. I’m disgusted.
– I had a text file I needed to edit.
– I downloaded TextEdit (instead of pages)
– I figured I would have to drag the file I want to edit into TextEdit via the files app or share pane
– NOPE, TextEdit crawled every document I had on the system
– **it had full access (including modify) for text documents saved within other apps**
PS: While we are talking about security, why in the world does granting camera access allow access to the dot projector?!?!?
The camera privacy toggle should have three modes
– back only
– front + back
– dot projector + front + back
No app should be taking a 1:1 bone mapping of my face. 🤦‍♂️
Hopefully some noise is made so Apple takes notice. This is an egregious oversight.
Edit: experience it for yourself.
1) This app will crawl through all txt files on your phone
– Text Editor
This example just traverses text files. In reality EVERYTHING visible in the files app is accessible from any other app with no permission required. Go through your files and make sure no confidential info is stored.
2) This app will create a high quality 3D model from the dot projector data that is available to every app with the camera permission.
– Capture: 3D Scan Anything
Go ahead, record your face for a few seconds and tell me this is low quality obfuscated hardware access.
Edit2: **security issue #1 was a false conclusion upon deeper investigation**
The textedit app uses an iOS system file picker as its home screen. That home screen is 100% Apple code and not modifiable by the texteditor in any way.
I incorrectly assumed that home screen was designed by TextEditor (since it was the main menu of the app). It actually is an Apple framework that is sandbox elevated. This means that the Apple framework has full access and is able to crawl the device. Only files tapped on by the user in that framework are passed into TextEdit.
Glad app document data is still sandboxed/compartmentalized.
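
The picker behaviour described in Edit2, seen from the app's side, as an added example that is not part of the original post and is not the code of either app named above. The class name `EditorViewController` and the method `presentPicker` are hypothetical; the UIKit and Foundation calls are Apple's public API (iOS 14 or later).

```swift
import UIKit
import UniformTypeIdentifiers

// Hypothetical editor screen. The app never lists the Files hierarchy itself:
// it asks the system to show the picker, and the browsing UI the user sees is
// Apple's, not the app's.
final class EditorViewController: UIViewController, UIDocumentPickerDelegate {

    func presentPicker() {
        // Restrict the picker to plain-text documents.
        let picker = UIDocumentPickerViewController(forOpeningContentTypes: [UTType.plainText])
        picker.delegate = self
        picker.allowsMultipleSelection = false
        present(picker, animated: true)
    }

    // Called only with the URLs the user tapped. Nothing else that was
    // visible in the picker is handed to the app.
    func documentPicker(_ controller: UIDocumentPickerViewController,
                        didPickDocumentsAt urls: [URL]) {
        guard let url = urls.first else { return }

        // A picked file outside the app's container is security-scoped:
        // access has to be claimed explicitly and released afterwards.
        guard url.startAccessingSecurityScopedResource() else {
            print("No access granted for \(url.lastPathComponent)")
            return
        }
        defer { url.stopAccessingSecurityScopedResource() }

        // Coordinate the read so it does not race the owning app or iCloud.
        var coordinationError: NSError?
        NSFileCoordinator().coordinate(readingItemAt: url, options: [],
                                       error: &coordinationError) { readableURL in
            if let text = try? String(contentsOf: readableURL, encoding: .utf8) {
                print("Loaded \(text.count) characters from the picked file")
            }
        }
        if let coordinationError = coordinationError {
            print("Coordinated read failed: \(coordinationError.localizedDescription)")
        }
    }

    func documentPickerWasCancelled(_ controller: UIDocumentPickerViewController) {
        // The user picked nothing, so the app received no file URLs at all.
    }
}
```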