Holes in Apple's Mac OS X sandbox
Security firm Core Security has warned that the default pre-defined Apple sandbox profiles such as "no-network" can be bypassed relatively easily using suitable events. The Mac OS X sandbox enables developers to specify precisely which resources an application is allowed to use – and what it isn't allowed to do. This is designed to prevent malicious code that may have been injected through a security hole from doing an uncontrolled amount of damage. Apple plans to accept only programs that have been sandboxed to the Mac App Store from March 2012.
The "no-network" profile, for example, enables developers to specify that the program is not allowed to use network functions. But the pre-defined profile is not leakproof. Core Security demonstrated how the restrictions the sandbox profile imposes can easily be bypassed by sending a message to another application. The researchers used the Open Scripting Architecture to send an Apple Event to "Terminal" that will cause a script to be executed.
osascript -e 'tell application "Terminal" to do script "..."'
Because Terminal runs outside the sandbox, the script it executes is not subject to the profile's restrictions and can access the network without difficulty. Security researcher Charlie Miller already demonstrated a very similar scenario involving a number of specific applications in 2008. Apparently, Apple responded by regulating the use of Apple Events in the profiles of those applications, but generic profiles such as "no-network" have not been restricted in this way.
While the App Sandbox Design Guide does state that the application behaviour of "sending Apple events to arbitrary apps" is incompatible with the sandbox, the pre-defined profiles clearly do not enforce this restriction. Core Security said that Apple is currently considering modifying its documentation to explicitly state that the restrictions provided in the pre-defined profiles are limited to the process in which the sandbox is applied.
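A custom profile that closes this gap is shown below as an added illustration; it is not part of Core Security's report and is not one of Apple's shipped profiles. It keeps the network restriction and additionally denies the confined process the right to send Apple Events. The `appleevent-send` operation, the `(debug deny)` directive, the `sandbox-exec` invocation and the file name are assumptions about Apple's sandbox profile language (SBPL) and tooling, and whether the deny rule is enforced depends on the OS X version in use.

```scheme
;; Weak form: a "no-network" style profile only blocks the sandboxed
;; process's own sockets. Asking another, unsandboxed application
;; (here Terminal, via an Apple Event) to run a script is not a network
;; operation, so the profile permits it.
;;
;;   (version 1)
;;   (allow default)
;;   (deny network*)
;;
;; Hardened form (added example, not Apple's profile): keep the network
;; restriction and also deny the process the ability to dispatch Apple
;; Events to any destination.
(version 1)

;; Everything not explicitly denied below stays allowed, mirroring the
;; permissive baseline of the pre-defined profile.
(allow default)

;; Block all network operations (inbound, outbound, socket creation).
(deny network*)

;; Block sending Apple Events. Without this rule the "do script"
;; request to Terminal leaves the sandbox and runs unconstrained.
;; A trusted target could be re-enabled selectively, for example:
;;   (allow appleevent-send (appleevent-destination "com.apple.systemevents"))
(deny appleevent-send)

;; Report denied operations to the system log so that an attempt by
;; the confined process to reach outside the profile is visible.
(debug deny)

;; Usage (file name is hypothetical):
;;   sandbox-exec -f no-network-no-appleevents.sb /path/to/app
```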