Security of runtime process in iOS and iPadOS (2024)

Apple Platform Security


iOS and iPadOS help ensure runtime security by using a “sandbox,” declared entitlements, and Address Space Layout Randomization (ASLR).

Sandboxing

All third-party apps are “sandboxed,” so they are restricted from accessing files stored by other apps or from making changes to the device. Sandboxing is designed to prevent apps from gathering or modifying information stored by other apps. Each app has a unique home directory for its files, which is randomly assigned when the app is installed. If a third-party app needs to access information other than its own, it does so only by using services explicitly provided by iOS and iPadOS.

System files and resources are also shielded from the users’ apps. Most iOS and iPadOS system files and resources run as the nonprivileged user “mobile,” as do all third-party apps. The entire operating system partition is mounted as read-only. Unnecessary tools, such as remote login services, aren’t included in the system software, and APIs don’t allow apps to escalate their own privileges to modify other apps or iOS and iPadOS.

Use of entitlements

Access by third-party apps to user information, and to features such as iCloud and extensibility, is controlled using declared entitlements. Entitlements are key-value pairs that are signed into an app and allow authentication beyond runtime factors, like UNIX user ID. Since entitlements are digitally signed, they can’t be changed. Entitlements are used extensively by system apps and daemons to perform specific privileged operations that would otherwise require the process to run as root. This greatly reduces the potential for privilege escalation by a compromised system app or daemon.

In addition, apps can only perform background processing through system-provided APIs. This allows apps to continue to function without degrading performance or dramatically impacting battery life.
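Because entitlements are plain key-value pairs, a reviewer can audit the ones an app declares before approving it for deployment. The following is an added example, not Apple's code: the entitlement key names are real but are not named on this page, and the team ID, bundle ID and the policy checks themselves are assumptions made for illustration.

```python
import plistlib

# Constructed sample: an entitlements plist as embedded in a signed app
# (hypothetical team ID ABCDE12345 and bundle ID com.example.notes).
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>application-identifier</key><string>ABCDE12345.com.example.notes</string>
  <key>com.apple.developer.team-identifier</key><string>ABCDE12345</string>
  <key>get-task-allow</key><true/>
  <key>dynamic-codesigning</key><true/>
  <key>keychain-access-groups</key>
  <array><string>ABCDE12345.com.example.notes</string><string>ZZZZZ99999.shared</string></array>
  <key>com.apple.security.application-groups</key>
  <array><string>group.com.example.notes</string></array>
</dict></plist>"""

def audit_entitlements(plist_bytes, expected_team):
    """Return (key, reason) findings for a third-party app's entitlements."""
    ent = plistlib.loads(plist_bytes)
    findings = []
    prefix = expected_team + "."
    if ent.get("com.apple.developer.team-identifier") != expected_team:
        findings.append(("com.apple.developer.team-identifier", "unexpected team"))
    if not str(ent.get("application-identifier", "")).startswith(prefix):
        findings.append(("application-identifier", "not under expected team prefix"))
    # The page describes the dynamic code-signing entitlement as Apple-only.
    if ent.get("dynamic-codesigning") is True:
        findings.append(("dynamic-codesigning", "Apple-only entitlement in third-party app"))
    # Debug builds set this so a debugger can attach; release builds should not.
    if ent.get("get-task-allow") is True:
        findings.append(("get-task-allow", "debug entitlement in a release candidate"))
    # Assumed policy: shared keychain groups must belong to the same team.
    for group in ent.get("keychain-access-groups", []):
        if not group.startswith(prefix):
            findings.append(("keychain-access-groups", f"{group} is outside team {expected_team}"))
    for group in ent.get("com.apple.security.application-groups", []):
        if not group.startswith("group."):
            findings.append(("com.apple.security.application-groups", f"{group} lacks group. prefix"))
    return findings

if __name__ == "__main__":
    for key, reason in audit_entitlements(SAMPLE, "ABCDE12345"):
        print(f"{key}: {reason}")
```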

Address Space Layout Randomization

Address Space Layout Randomization (ASLR) helps protect against the exploitation of memory corruption bugs. Built-in apps use ASLR to help randomize all memory regions upon launch. Beyond the randomization performed at launch, ASLR randomly arranges the memory addresses of executable code, system libraries, and related programming constructs, further reducing the likelihood of many exploits. For example, a return-to-libc attack attempts to trick a device into executing malicious code by manipulating memory addresses of the stack and system libraries. Randomizing the placement of these makes the attack more difficult to execute, especially across multiple devices. Xcode, and the iOS or iPadOS development environments, automatically compile third-party programs with ASLR support turned on.
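The per-launch randomization described above can be observed on any desktop system with ASLR enabled. This added example (not from Apple's guide) runs on the host OS rather than on iOS: it launches fresh processes, records where one C library function is mapped in each, and reports which address bits moved. The function names and the 4 KiB page default are assumptions.

```python
import subprocess
import sys

# Child prints the address at which a C library function is mapped
# in its own freshly launched process.
CHILD = ("import ctypes; libc = ctypes.CDLL(None); "
         "print(ctypes.cast(libc.getpid, ctypes.c_void_p).value)")

def sample_addresses(launches=8):
    """Launch fresh processes and collect where getpid() landed in each."""
    out = []
    for _ in range(launches):
        r = subprocess.run([sys.executable, "-c", CHILD],
                           capture_output=True, text=True, check=True)
        out.append(int(r.stdout.strip()))
    return out

def summarize(addresses, page_bits=12):
    """Report distinct addresses seen and which bits differed between runs.

    page_bits=12 assumes 4 KiB pages; use 14 for 16 KiB pages.
    varying_bits only counts bits that were observed to change, so it is
    a lower bound on the randomization, not an entropy measurement.
    """
    varying = 0
    for addr in addresses[1:]:
        varying |= addr ^ addresses[0]
    return {
        "distinct": len(set(addresses)),
        "varying_mask": varying,
        # Libraries load at page-aligned bases, so the offset of a symbol
        # inside its page should stay the same from launch to launch.
        "page_offset_stable": varying & ((1 << page_bits) - 1) == 0,
        "varying_bits": bin(varying).count("1"),
    }

if __name__ == "__main__":
    seen = sample_addresses()
    for addr in seen:
        print(hex(addr))
    print(summarize(seen))
```

A result with `distinct` equal to 1 means the library landed at the same address on every launch, which is the condition that makes address-dependent attacks such as return-to-libc reliable.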

Execute Never feature

Further protection is provided by iOS and iPadOS using ARM’s Execute Never (XN) feature, which marks memory pages as nonexecutable. Memory pages marked as both writable and executable can be used only by apps under tightly controlled conditions: The kernel checks for the presence of the Apple-only dynamic code-signing entitlement. Even then, only a single mmap call can be made to request an executable and writable page, which is given a randomized address. Safari uses this functionality for its JavaScript just-in-time (JIT) compiler.

Article information

Author: Gregorio Kreiger
