A UNIX command line tool called “ls” can be used to bypass Mac privacy protections like TCC (Transparency, Consent, and Control) and the sandbox. This provides unauthorized access to file metadata in directories that are supposed to be protected

I continue to believe that macOS “security” is mainly theater that only impedes the law-abiding Mac software industry while posing little problem for Mac malware. It doesn’t take a genius hacker to bypass macOS privacy protections: calling “ls” is a script kiddie level attack.

It affects macOS Big Sur, Catalina, and Mojave.

Check It Out: This Terminal Command Can Bypass Mac Privacy Protections

One Comment Add a comment

  1. Scott B in DC

    Why do an Xcode project to do:

    ls [email protected] ~/Library/Safari/LocalStorage/https_www.apple.com_0.localstorage

    It is well known that from the shell level you can do anything. In fact, Apple makes it clear in their documentation that a lot of their security measures are for programs that behave themselves.

    What are you going to get out of the information, what websites you visit? These data files are formatted by each website and the .localstorage files are Sqlite databases with a schema that is not readily apparent unless you know the innards of Safari.

    IF this is all a script kiddie can do, then this is relevant. Tell me they can read the files and get something out of them, then I will worry.

Add a Comment

Log in to comment (TMO, Twitter, Facebook) or Register for a TMO Account