I am trying to understand the mechanics of how iOS/iPadOS apps work on macs with Apple Silicon.
In particular, I'd like to understand the runtime environment of these apps.
I installed one to test it on a mac. I ran codesign --entitlements
on a mac, on an iOS app downloaded form the mac app store.
I was very surprised to see the sandbox entitement was NOT present.
On iOS all apps are sandboxed, so I was very surprised to see that the macOS translation was not sandbox. This seems like a significant weakening of the security.
Can anyone shed some light on that?