[swift-evolution] executing a string

Josh Parmenter jparmenter at vectorform.com
Fri Jul 15 00:51:25 CDT 2016


I could see a method being implemented that does something bad, but isn’t called directly anywhere in code. A code path analysis of a program may miss the problematic method (though unlikely?). But if the method signature is passed in dynamically as the result of a web call or something, it could then be called and cause a problem. However - the malicious code here really is already in the binary.

Since app store review is mentioned here, I can’t speak as to how a binary is inspected for review, or what tools the app store team has at its disposal. But I would be surprised if there isn’t at least some sort of automated step that would reveal the code block that might be problematic. And finding another instance where calling something by selector would also raise a flag (in fact, even Xcode points out the possibility of a leak in these cases). Yes - it MIGHT be problematic, but I think there are greater security holes in the iOS / Obj-C ecosystem than what is mentioned here. Since it is a compiled language, and apps don’t ship with compilers, it seems like the possibility for abuse here is not huge. However - many iOS apps can execute JavaScript or create WebViews with strings from just about any source - and this is where (it seems to me) a strong sandboxing environment is really needed. But I am curious to know (like Félix) if there are examples of this happening.

Best,

Josh

On Jul 14, 2016, at 10:18 PM, Félix Cloutier via swift-evolution <swift-evolution at swift.org> wrote:

I've never heard of an app being exploited through selector abuse. Do you have any example of that?

Félix

On Jul 14, 2016, at 08:48:53, Ford Prefect via swift-evolution <swift-evolution at swift.org> wrote:

One of the major security flaws of Obj C is
the ability to convert a string into a selector, which
permits using private methods by constructing selectors
at runtime long after the app store review has been completed.
Does Swift do away with that? I understand it doesn't
use selectors per se but is there an analogous mechanism?

_______________________________________________
swift-evolution mailing list
swift-evolution at swift.org
https://lists.swift.org/mailman/listinfo/swift-evolution
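
The kind of automated source check speculated about in the thread, as an added example that is not part of the original messages and does not describe Apple's review process: a Python scan over Objective-C source that flags selectors built from anything other than a string literal or `@selector(...)`. The function names and the sample source are constructed for illustration.

```python
import re

# Constructed Objective-C sample; not taken from any real app.
SAMPLE = '''\
SEL a = @selector(viewDidLoad);
SEL b = NSSelectorFromString(@"reloadData");
SEL c = NSSelectorFromString(remoteConfig[@"action"]);
SEL d = NSSelectorFromString([@"handle" stringByAppendingString:name]);
[target performSelector:c withObject:nil];
[target performSelector:@selector(refresh)];
// NSSelectorFromString(userInput) in a comment is ignored
'''

LITERAL = re.compile(r'@"(?:[^"\\]|\\.)*"\Z')        # a single @"..." literal
CALL = re.compile(r'NSSelectorFromString\s*\(')
PERFORM = re.compile(r'performSelector\w*:\s*([^\s\]]+)')

def call_argument(text, start):
    """Return the argument text from `start` up to the matching ')'."""
    depth = 1
    for i in range(start, len(text)):
        if text[i] == '(':
            depth += 1
        elif text[i] == ')':
            depth -= 1
            if depth == 0:
                return text[start:i].strip()
    return text[start:].strip()  # unbalanced: treat the rest of the line as the argument

def find_dynamic_selectors(source):
    """Return (line_no, kind, expression) for selectors not fixed at compile time."""
    findings = []
    for no, line in enumerate(source.splitlines(), 1):
        code = re.sub(r'//.*', '', line)  # naive comment strip; also cuts "//" inside strings
        for m in CALL.finditer(code):
            arg = call_argument(code, m.end())
            if not LITERAL.match(arg):
                findings.append((no, 'NSSelectorFromString', arg))
        for m in PERFORM.finditer(code):
            if not m.group(1).startswith('@selector('):
                findings.append((no, 'performSelector', m.group(1)))
    return findings

if __name__ == '__main__':
    for finding in find_dynamic_selectors(SAMPLE):
        print(finding)
```

A line-based scan like this only sees source text; it says nothing about strings assembled across several statements or about a compiled binary.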
