4 Replies
      Latest reply on Mar 26, 2020 8:09 AM by patrikk
      patrikk Level 1 Level 1 (0 points)

        Hi

         

        I have failed to find information about where and how the OS/system stores the VPN configurations (we have a PacketTunnel solution, if it matters), except for the sensitive parts which seems to be stored in the shared vpn keychain.

         

        So how does the system store the other parts of the configurations? Is it safe? Reachable from other apps in any way?

        Does the system handle configurations from profiles (mobileconfig) which targets our app/extension different from those made in our main app (regarding storage etc)?

         

        Thanks for the help!

        • Re: iOS/iPad OS VPN configuration storage
          eskimo Apple Staff Apple Staff (13,905 points)

          We do not, in general, document how the system stores information like this because it can change from release to release.  I can answer the following because it’s about APIs:

          Reachable from other apps in any way?

          No.  In general, apps can only ‘see’ VPN configurations that they are responsible for:

          • If you’re configuring Personal VPN, this means the configuration you create.

          • If you have a tunnel provider, this means any configurations you create and any configurations for your provider installed via a configuration profile.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"

            • Re: iOS/iPad OS VPN configuration storage
              patrikk Level 1 Level 1 (0 points)

              Thanks eskimo.

               

              One more question; do you know if the configurations are encrypted (e.g. not only the sensistive parts which are stored in the keychain)? Our main concern is if it would be possible to access the configuration (rooted phone or so) and modify it..

                • Re: iOS/iPad OS VPN configuration storage
                  eskimo Apple Staff Apple Staff (13,905 points)

                  do you know if the configurations are encrypted

                  I don’t know.

                  Our main concern is if it would be possible to access the configuration (rooted phone or so) and modify it.

                  Why is this a concern?

                  Share and Enjoy

                  Quinn “The Eskimo!”
                  Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                  let myEmail = "eskimo" + "1" + "@apple.com"

                    • Re: iOS/iPad OS VPN configuration storage
                      patrikk Level 1 Level 1 (0 points)

                      My customer don't really want anyone to be able to alter them.. Not really sure why this is of great concern  (since I don't really see any sensitive data that we store there..). Just thought it would be nice to be able to tell them if it is safe or not.

                       

                      Thanks for the answers!