iOS app on Apple Silicon Mac: how are app data files protected?

While submitting a new app, I noticed I could choose to make the app available on Apple Silicon Mac. Since the user can access the file system on the Mac, I wonder how the app's data files are protected. Are they also in a sandbox, and can't be accessed through the file system by the macOS user?

Because my laptop runs on an Intel CPU, I can't experiment with it myself. I googled and found this page: https://developer.apple.com/documentation/xcode/configuring-the-macos-app-sandbox/, but the app sandbox seems to be mainly about protecting macOS from the iOS app, not vice versa?

Does anyone know the details? Thanks.

Answered by endecotp in 744887022

Accepted Answer

You are right to worry about this. It is not difficult for users to access the app's data files. (They can access them on iOS too, though it takes a bit more effort.)

You are right to worry about this. It is not difficult for users to access the app's data files.

Thanks for the confirmation. With access to app data files, network sniffing, and process tracing (I'm not familiar with macOS, but I suppose there must be tools of this kind), it seems running an iOS app on Apple Silicon makes it way easier for people to hack the app. I don't understand why Apple supports it.

They can access them on iOS too, though it takes a bit more effort.

Could you elaborate on it a bit? I think that's only possible on a jailbroken phone, isn't it? But my impression is that it has become very hard to jailbreak the recent iOS releases, so I take it for granted that app data files can't be accessed by others in iOS.

Another question. If what you said is true, is it a common practice to encrypt app data files? (The encryption key can be hardcoded in the app's code and that should thwart most attempts.)

network sniffing

iOS supports that too, via RVI. See Recording a Packet Trace.

process tracing

macOS has the concept of ‘protected’ processes, and that includes iOS Apps on Mac. Most diagnostic tools won’t target those unless you disable SIP. IIRC iOS apps don’t work when you disable SIP but I must admit I haven’t tried this myself (still working on my trusty Intel machine here :-).

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I think that's only possible on a jailbroken phone, isn't it? But my impression is that it has become very hard to jailbreak the recent iOS releases, so I take it for granted that app data files can't be accessed by others in iOS.

I've not been following this subject, but likely your opponent will be slow to install new iOS versions! This is one reason for keeping your app's required iOS version recent - but that harms genuine users with old devices.

Another question. If what you said is true, is it a common practice to encrypt app data files?

I don't know how common it is. I do encrypt some data files for which I pay a royalty to a third party; I do that because I imagine standing up in court when they sue me for not looking after their valuable data, and having to tell the judge that I could have encrypted it but didn't.

There are two standard problems with that - what do you do with the keys, and how do you prevent the user from capturing the data when your app presents it to them (especially if it's e.g. video).

There are actually two slightly different problems, one for data files built in to the app and the other for data files that the app downloads from your servers when it runs.

Embedding a fixed decryption key in the executable has some chance of working.
