7

From my point of view and with my rather poor knowledge of iOS, the principle of a sandbox in iOS is the following:

  • each app and its data is installed in a private area within the partition, but each app runs under the same user 'mobile'
  • the sandbox only allows restricted and controlled access to system ressources (i.e. system files)
  • the sandbox only allows restricted and controlled access to ressources like contacts, sms, mail, internet...
  • the sandbox prevents an application from attacking another application's data

Are there any important functions of the sandbox that I left out?

I assume that with a jailbroken device, all security functions of the sandbox are obsolete (i.e. an attacker can easily read data from other applications, can access system files etc)?

Yoav Aner
  • 5,299
  • 3
  • 24
  • 37
pfust75
  • 425
  • 7
  • 9
  • 2
    If jailbreaks work similar to android, normal applications will still be sandboxed. But of course the user/owner of the phone and applications authorized by him can access everything. But that shouldn't be a problem, since the purpose of the sandbox is to protect against applications, not against the user. – CodesInChaos Feb 13 '12 at 22:02
  • But I guess it's also a function of the sandbox to protect application's data from beeing accessed by malicious applications (i.e. trojans). This protections doesn't work anymore on jailbroken devices, isn't it? – pfust75 Feb 14 '12 at 07:37

1 Answers1

2

Your assumption is correct, with one limiting factor: any encrypted content can only be accessed when iOS has been unlocked, even when jailbroken. It's not much of a limit, but there it is.