CVE-2023–26818 (Sandbox): MacOS TCC Bypass W/ telegram using DyLib Injection (Part 2)
<p>The app sandboxing feature in <code>MacOS</code> is a technology that the system enforce at the kernel's level which limit privileges and</p>
<p>restrict the app access to resources/permissions. As a results, It helps in reducing the attacks and the infection of</p>
<p>compromised apps to the system. The first introduce for the sandboxing by apple was in 2007 & Enforced to be used by apps</p>
<p>before adding it to the app store in 2011, So it make sure that the apps more secure to use by making the app run in it’s own</p>
<p>area and do nothing more except what is created for.</p>
<p><img alt="" src="https://miro.medium.com/v2/resize:fit:641/1*Kh7r2t_yGO0mNinXjNa85A.jpeg" style="height:241px; width:641px" /></p>
<p>But, Why It’s important?. Because, any non-sandboxed app has the full rights of the user who is running that app, and can</p>
<p><a href="https://vsociety.medium.com/cve-2023-26818-sandbox-macos-tcc-bypass-w-telegram-using-dylib-injection-part-2-811cd7c00430"><strong>Website</strong></a></p>
<p> </p>