Abraham Masri (iabem97) has revealed a new flaw in Apple’s latest iOS 11.3 beta that allows an Info.plist file to grab a file outside of the current application’s sandbox. Granted, this is a beta OS, but it is still another example of Apple seemingly rushing a release and shipping it with all sorts of flaws. This is just the latest one.
Redmond Pie: Abraham Masri Drops iOS 11.3 0day Vulnerability, Here’s What That Means For Future Jailbreak
GitHub: iabem97/securityd-racer2
And here is the Wiki write-up that explains how an app’s Info.plist file can access another app’s icon:
GitHub: iabem97/writeups: Info.plist Path Traversal
Here’s a quick excerpt from that Wiki article that shows the sandbox escape: