- Update on the Blizzard/sandbox thing, from a birdie familiar with the matter: Blizzard’s updater had a crasher. Apple created workaround.
https://twitter.com/gruber/status/738149554978070529
— John Gruber (@gruber)Wed, Jun 01 2016 23:25:42 - Practically speaking, all sandboxing rules still apply to Blizzard apps; workaround doesn’t allow operations that other apps can’t do too.
https://twitter.com/gruber/status/738149969635352579
— John Gruber (@gruber)Wed, Jun 01 2016 23:27:21 - And Blizzard has fixed their updater, so the workaround shouldn’t be needed in next update.
https://twitter.com/gruber/status/738150210853965825
— John Gruber (@gruber)Wed, Jun 01 2016 23:28:19 - My takeaway is that Apple will go to extraordinary lengths to avoid crashers in super-popular apps, even when it’s entirely the app’s fault.
https://twitter.com/gruber/status/738150578497323008
— John Gruber (@gruber)Wed, Jun 01 2016 23:29:46 - @joshjagdfeld No buzz. It’s a very curious find, but ultimately a non-story.
https://twitter.com/gruber/status/738152802782982144
— John Gruber (@gruber)Wed, Jun 01 2016 23:38:37 - I wonder why the iOS sandbox omits certain sandbox checks if code is signed by Blizzard Entertainment Inc.
https://twitter.com/i0n1c/status/738015603890524160
— Stefan Esser (@i0n1c)Wed, Jun 01 2016 14:33:26 - Actually the OS X sandbox makes the same exception for Blizzard
https://twitter.com/i0n1c/status/738017423895494656
— Stefan Esser (@i0n1c)Wed, Jun 01 2016 14:40:40 - @SwissHttp it seems as if they are allowed to execute other processes when others are not.
https://twitter.com/i0n1c/status/738023849208500224
— Stefan Esser (@i0n1c)Wed, Jun 01 2016 15:06:12 - Luckily we all know that Blizzard Games never have remote vulnerabilities 😎
https://twitter.com/i0n1c/status/738036161441042432
— Stefan Esser (@i0n1c)Wed, Jun 01 2016 15:55:07 - I just verified: the magic sandbox teamidentifier is actually the current one used for Blizzard games in the iOS app store.
https://twitter.com/i0n1c/status/738038962095280129
— Stefan Esser (@i0n1c)Wed, Jun 01 2016 16:06:15 - @i0n1c that's right. But it doesn't mean they can execute, it means we make them believe they could.
https://twitter.com/hey_pom/status/738072669346631680
— POM (@hey_pom)Wed, Jun 01 2016 18:20:11 - @gruber it's an targeted exception for the rather innocuous access() calls. https://developer.apple.com/library/ios/documentation/System/Conceptual/ManPages_iPhoneOS/man2/access.2.html …
https://twitter.com/rosyna/status/738092475932237825
— Rosyna Keller (@rosyna)Wed, Jun 01 2016 19:38:54 - @gruber @marcoarment No, it was later discovered that only access() is impacted. This means that the program thinks it has one but don’t
https://twitter.com/Taiki__San/status/738118770548428800
— Taiki (@Taiki__San)Wed, Jun 01 2016 20:54:21 - this sandbox workaround for Blizzard makes sense actually, as strange as it looks. https://twitter.com/i0n1c/status/738018742710460420 …
https://twitter.com/chronic/status/738116365882658816
— Will Strafach (@chronic)Wed, Jun 01 2016 21:13:49
Blizzard Exemption to iOS and MacOS Sandbox
by
John Gruber28,327 Views
John Gruber28,327 Views