Once an iOS device is jailbroken, we can build jailbreak apps (with theos) and it gets installed in the /Applications directory where the preloaded apps run with root privileges. If an app is built with Xcode, once it is installed, it gets into the /private/var/mobile/Applications/ folder, which is supposed to have Apple sandbox enforced (before jailbreak).
So, the questions I have are:
For a jailbroken device, will the apps in /private/var/mobile/Applications/ execute with root privileges or with mobile user privileges?
In case of Android, once rooted, the apps will have to gain root privileges by executing the su command. Is it the case when it comes to iOS as well?
I would like to understand the difference between these two development options (Theos / Xcode) and how it affects what operations my app can perform.
Not disagreeing with anything H2CO3 said, but to add some further clarification ...
Apps installed in /private/var/mobile/Applications/(†) with Xcode will run with user mobile privileges, even on jailbroken phones.
Even on a jailbroken phone, apps installed to /private/var/mobile/Applications/(†) will be sandboxed almost (‡) like apps on a jailed phone. So, no reading other (normal) apps' data, even if those files are owned by user mobile.
For a good description of the process that apps like Cydia use to run as root, see this answer. Or, just ssh into your phone, and take a look inside /Applications/Cydia.app/ yourself.
If you simply copy/install an app (without doing what H2CO3 suggested) to /Applications/, it won't be sandboxed, but it will still run with mobile (UID=501) privileges:
iPhone5:~ root# cd /Applications
iPhone5:/Applications root# ls -altr ./HelloJB.app/
total 220
-rw-r--r-- 1 root wheel 711 Apr 3 20:36 entitlements.xml
-rw-r--r-- 1 root wheel 297 Apr 3 20:36 entitlements-daemon.xml
-rw-r--r-- 1 root wheel 7972 Apr 3 20:36 embedded.mobileprovision
-rw-r--r-- 1 root wheel 58755 Apr 3 20:36 date.zip
-rw-r--r-- 1 root wheel 485 Apr 3 20:36 ResourceRules.plist
-rw-r--r-- 1 root wheel 8 Apr 3 20:36 PkgInfo
-rw-r--r-- 1 root wheel 1226 Apr 3 20:36 Info.plist
-rw-r--r-- 1 root wheel 10960 Apr 3 20:36 Icon\#2x.png
-rw-r--r-- 1 root wheel 8328 Apr 3 20:36 Icon.png
-rw-r--r-- 1 root wheel 451 Apr 3 20:36 HelloJB.plist
-rwxr-xr-x 1 root wheel 61088 Apr 3 20:36 HelloJB*
-rwxr-xr-x 1 root wheel 42688 Apr 3 20:36 HelloDaemon*
drwxr-xr-x 2 root wheel 136 Apr 3 20:36 en.lproj/
drwxr-xr-x 2 root wheel 102 Apr 3 20:36 _CodeSignature/
drwxr-xr-x 4 root wheel 544 Apr 3 20:36 ./
drwxrwxr-x 54 root admin 1904 Apr 5 02:14 ../
iPhone5:/Applications root# ps -Aef | grep HelloJB
501 9412 1 0 0:00.00 ?? 0:00.33 /Applications/HelloJB.app/HelloJB
iPhone5:/Applications root# grep mobile /etc/passwd
mobile:*:501:501:Mobile User:/var/mobile:/bin/sh
(‡) Here's a good discussion, with input from Saurik, about how different jailbreaks may affect the sandbox. Long story short: it depends.
(†) Update: in recent versions of iOS, the location of 3rd-party apps has been moved to /var/mobile/Containers, and later to /var/containers/, but the same basic sandbox issues remain.
Long story short: no.
Jailbreaking is a necessary but not sufficient condition for gaining root. Apps will still be sandboxed by default.
What you can do for making your app run with root privileges is creating a startup shell script that has root:wheel ownership and 755 permissions, then create your actual executable with the same ownership, 7555 as permissions (i. e. set its "setuid" bit), then call setuid(0); from within main(), before calling UIApplicationMain().
Related
Ever since I downloaded Xcode 13 I have been unable to see the quick help window (option click) for objects/functions/variables I have created.
I can see the quick help window for other swift frameworks (option clicking tableView works, for example). Just not for my own.
I have tried
running this in command line:
$ defaults delete com.apple.dt.Xcode WebKitJavaScriptEnabled
deleting this:
~/Library/Caches/com.apple.dt.Xcode
running this:
$ defaults delete com.apple.dt.Xcode IDEIndexDisable
This is what I see when I run:
$ cd ~/Library/Developer/Xcode/DocumentationCache/
$ ls -al
total 0
drwxr-xr-x 4 myname staff 128 Sep 21 13:13 .
drwxr-xr-x 13 myname staff 416 Sep 24 20:38 ..
drwxr-xr-x 3 myname staff 96 Apr 28 10:49 v187
drwxr-xr-x 3 myname staff 96 Sep 21 13:13 v202
Anyone know of any fixes?
A restart of the machine solved the issue for me. Xcode then installed components and built the quick help for Apple's documentation and the documentation in my own code.
I am green to the iOS app development space. I need to setup a build in Jenkins for a new Swift application I built. As part of that, I used Cocoapods to manage dependencies which in turn, meant I now had a workspace instead of a simple project.
I'm now trying to build this application as part of our pipepline and have hit the following error:
FATAL: Since there are multiple projects in the workspace, you must be specify the location of the target project as Xcode Project File.
Build step 'Xcode' marked build as failure
Finished: FAILURE
The root of my project looks as follows:
$ ls -la
total 32
drwxr-xr-x 14 mcbint staff 448 15 Jan 15:16 .
drwxr-xr-x 3 mcbint staff 96 15 Jan 14:33 ..
drwxr-xr-x 13 mcbint staff 416 16 Jan 11:11 .git
-rw-r--r-- 1 mcbint staff 108 15 Jan 14:56 .gitignore
-rw-r--r-- 1 mcbint staff 501 15 Jan 14:56 Podfile
-rw-r--r-- 1 mcbint staff 379 15 Jan 14:56 Podfile.lock
drwxr-xr-x 9 mcbint staff 288 15 Jan 15:16 Pods
-rw-r--r-- 1 mcbint staff 666 15 Jan 14:56 README.md
drwxr-xr-x 10 mcbint staff 320 15 Jan 14:56 mcb-phoneagent-ios
drwxr-xr-x 5 mcbint staff 160 15 Jan 15:16 mcb-phoneagent-ios.xcodeproj
drwxr-xr-x 4 mcbint staff 128 15 Jan 14:56 mcb-phoneagent-ios.xcworkspace
drwxr-xr-x 4 mcbint staff 128 15 Jan 14:56 mcb-phoneagent-iosTests
drwxr-xr-x 4 mcbint staff 128 15 Jan 14:56 mcb-phoneagent-iosUITests
drwxr-xr-x 2 mcbint staff 64 15 Jan 15:07 test-reports
I have setup the project in xcode as follows:
On my development machine I can successfully build the application with the command:
xcodebuild -workspace mcb-phoneagent-ios.xcworkspace -scheme mcb-phoneagent-ios
Does anybody see anything I've setup incorrectly?
This is how I resolved this issue when i ran into it:
Make sure that you have your scheme container set to the workspace (not the project. This can be checked in Xcode in Product -> Scheme -> Manage Schemes, then look in the column titled "Container")
confirm that the xcshareddata is in the workspace directory that Jenkins is using.
In Jenkins Under the General build settings of the Xcode there is a "Settings" button
click on it and find the Xcode schema file text box.
Fill that box in with the name of the xcsheme file you want to use for the given workspace that was entered as the Xcode Workspace file (in your case I'm guessing it would be mcb-phoneagent-ios).
Since you use Cocopod, you need to use the *.xcworkspace file, not the *.workspace,
and from personal experience much easier to archive and use *.app files with jenkins instead of letting it to build for u the projects
I have a jenkins running a job, after which I want it to "archive artifact", which is basically just get some files.
The Job clones a github and when ran, it generates some log files which I need.
The patter is:
logfiles/*
I added a command to list the directory to make sure the files are there, and indeed they are.
+ ls -la logfiles
total 24
drwxr-xr-x 2 root root 4096 Apr 22 23:23 .
drwxr-xr-x 8 root root 4096 Apr 22 23:23 ..
-rw-r--r-- 1 root root 0 Apr 22 23:23 1461367410777_testuuid_61746144-3A3A-5555-4944-3D5343414C41.log
-rw-r--r-- 1 root root 1248 Apr 22 23:23 1461367410777_testuuid_61746144-3A3A-5555-4944-3D5343414C41_shortmsg.csv
-rw-r--r-- 1 root root 2521 Apr 22 23:23 1461367410777_testuuid_61746144-3A3A-5555-4944-3D5343414C41_stats.log
-rw-r--r-- 1 root root 8035 Apr 22 23:23 1461367410777_testuuid_61746144-3A3A-5555-4944-3D5343414C41_trace_msg.log
Archiving artifacts
ERROR: No artifacts found that match the file pattern "logfiles/*". Configuration error?
ERROR: ‘logfiles/*’ doesn’t match anything, but ‘*’ does. Perhaps that’s what you mean?
Build step 'Archive the artifacts' changed build result to FAILURE
I don't really understand why they are not found.
Hope someone can help!
Thanks!
I finally found my problem. I had configured the job to do the git clone. But for some reason I also added the cloning on the build steps... once i removed that jenkins started getting the files properly.
I would still like to understand why this would happen...
Thanks to all
Im trying to follow a tutorial to do a CORBA assignment.
project
-Client/HelloClient.java
-Server/HelloServer.java
-Hello.idl
I do the first step, trying to compile the IDL (from the project root), and it fails.
$ idlj –td Client –fclient Hello.idl
com.sun.tools.corba.se.idl.InvalidArgument: Invalid argument: –td.
java version "1.8.0_11"
$ ls -l
total 16
drwxr-xr-x 3 juliusskye staff 102 Oct 28 20:14 Client
-rw-r-----# 1 juliusskye staff 85 Oct 28 17:49 Hello.idl
drwxr-xr-x 3 juliusskye staff 102 Oct 28 17:52 Server
-rw-r--r-- 1 juliusskye staff 425 Oct 29 13:45 idljintro.iml
drwxr-xr-x 2 juliusskye staff 68 Oct 29 13:45 src
I found this which says CORBA has problems parsing paths with / in front. But mine doesn't have a /
apparently the Lecturer's instructions were wrong or outdated or the compiler is not fully working but compilation of all files is achieved by
idlj -fall hello.idl
I have been developing an app to programmatically enable/disable Wi-Fi interface of my iphone. I have tried to use the Apple 80211( apple's private service) on my jail broken Iphone 4s (iOS 5.1.1) to make it work. However, thing does not work out as I expected.
I can successfully scan and get the status of Wi-Fi connection however, the method Apple80211SetPower to enable/disable WiFi seems does not work on iOS 5.
As I found out from SBsetting's WiFi toggle, It might also require to change the system property of WiFi at "/var/preferences/systemconfiguration/com.apple.wifi.plist". However, my app is failed to change system property in that file, I suspected the problem resulted from file property and ownership. Therefore, I imitated the file property of SBsetting's WiFi toggle, Still, it did not change a thing.
does anyone know how I could change the system property of this file? this is the code that I used. thanks and regards
NSMutableDictionary *plistDict =
[NSMutableDictionary dictionaryWithContentsOfFile:#"/var/preferences/SystemConfiguration/com.apple.wifi.plist"];
BOOL wifiState = [[plistDict objectForKey:#"AllowEnable"] boolValue];
NSLog(wifiState ? #"Yes" : #"No");
if (value == YES)
{
[plistDict setValue:[NSNumber numberWithBool:YES] forKey:#"AllowEnable"];
[plistDict writeToFile:#"/var/preferences/SystemConfiguration/com.apple.wifi.plist"
atomically: YES];
}
else if (value== NO)
{
[plistDict setValue:[NSNumber numberWithBool:NO] forKey:#"AllowEnable"];
[plistDict writeToFile:#"/var/preferences/SystemConfiguration/com.apple.wifi.plist"
atomically: YES];
}
On my phone (iOS 5.0.1, not 5.1.1), I see this in the SystemConfiguration directory:
iPhone4:/var/preferences/SystemConfiguration mobile$ ls -altr
total 144
drwxr-xr-x 3 root wheel 136 Dec 25 2007 ..
-rw-r--r-- 1 root wheel 181 Jul 26 2009 OSThermalStatus.plist
-rw-r--r-- 1 root wheel 79 Jan 10 2012 com.apple.mobilegestalt.plist
-rw-r--r-- 1 root wheel 60 Sep 30 00:47 com.apple.radios.plist
-rw-r--r-- 1 root wheel 1162 Sep 30 15:50 NetworkInterfaces.plist
-rw-r--r-- 1 root wheel 57087 Sep 30 15:51 com.apple.network.identification.plist
-rw-r--r-- 1 root wheel 127 Oct 1 01:04 com.apple.PowerManagement.plist
-rw-r--r-- 1 root wheel 7323 Oct 1 01:18 preferences.plist
-rw-r--r-- 1 root wheel 31648 Oct 1 01:18 com.apple.wifi.plist
-rw-r--r-- 1 root wheel 1223 Oct 1 01:18 com.apple.AutoWake.plist
drwxr-xr-x 2 root wheel 374 Oct 1 01:18 .
So, it looks like the user mobile (which is the user the apps normally run as) would not be able to write that file, with only read privileges.
You can take a look here at how to give your app root privileges.