Mac Developer: Proof-of-concept app exploiting iOS security flaw gets researcher in trouble with Apple | Ars Technica
Proof-of-concept app exploiting iOS security flaw gets researcher in trouble with Apple | Ars Technica: "However, iOS 4.3 introduced 'sandboxing entitlements,' special exceptions granted on a very limited basis, to allow things like Nitro's JIT JavaScript compilation to work. In iOS 4.3 and later, MobileSafari has an entitlement called 'dynamic code signing.'"
Every sandbox has a skirmish, or it wouldn't be a sandbox.
Labels: codesigning, store receipt validation
Post a Comment