简体繁体 English

为什么即使我越狱后，iOS 6.1.1中的SandBox仍然存在？

[英]Why SandBox in iOS 6.1.1 still exists for App even after I have jailbreak?

原文 2013-04-16 00:41:11 9 3 iphone/ ios/ jailbreak

My installed App is signed with an Ad-hoc certificate. 我安装的应用程序使用Ad-hoc证书进行签名。 But it is designed only for jailbreak iPhones. 但它仅适用于越狱 iPhone。

I try to directly read the SMS database in /var/mobile/Library/SMS/sms.db . 我尝试直接读取/var/mobile/Library/SMS/sms.db的SMS数据库。 But I found the app can't read it because the SandBox process denied the action. 但我发现应用程序无法读取它，因为SandBox进程拒绝了该操作。 So my question is whether the SandBox is removed after the iPhone is jailbroken? 所以我的问题是在iPhone被越狱之后是否删除了SandBox？

(And now I think the apps in /var/mobile/Applications/ are still restricted by the SandBox. The process of jailbreaking does not removed the SandBox in this directory?) （现在我认为/var/mobile/Applications/中的/var/mobile/Applications/仍然受到SandBox的限制。越狱的过程不会删除此目录中的SandBox吗？）

3 个解决方案

Unfortunately, you guessed correctly. 不幸的是，你猜对了。 On a jailbroken device, apps installed to the normal location ( /var/mobile/Applications/ ) are still sandboxed (* see comments below). 在越狱设备上，安装到正常位置的应用程序（ /var/mobile/Applications/ ）仍然是沙箱（*请参阅下面的评论）。

The jailbreak does not completely remove the sandbox . 越狱并没有完全删除沙箱 。

It allows you to run code that's not signed by valid Apple certificates. 它允许您运行未由有效Apple证书签名的代码。 It therefore also allows you to install your app to different locations. 因此，它还允许您将应用程序安装到不同的位置。

If you install your app to /Applications/ , however, it will be able to read /var/mobile/Library/SMS/sms.db , as I describe in this answer . 但是，如果您将应用程序安装到/Applications/ ，它将能够读取/var/mobile/Library/SMS/sms.db ，正如我在本回答中所述。 As a system app, you'll be outside the sandbox. 作为系统应用程序，您将位于沙箱之外。

This has nothing to do with Objective-C, or Cocoa Touch, versus C APIs. 这与Objective-C或Cocoa Touch与C API无关。 It wouldn't be much of a sandbox if all you had to do was use well-known CI/O calls to escape it. 如果您只需要使用众所周知的CI / O调用来逃避它，那么沙盒就不会太多了。

See this other similar answer (to a closed question) , for some related discussion. 对于一些相关的讨论，请参阅其他类似的答案（对于一个封闭的问题）。

Update: see saurik's comments in this online thread . 更新：请参阅此在线主题中的 saurik的评论。 The summary is that different jailbreaks (eg evasi0n, Absinthe, redsn0w) can affect the sandbox in different ways. 总结是不同的越狱（例如evasi0n，Absinthe，redsn0w）可以以不同的方式影响沙箱。 Saurik's recommendation is certainly that they not be removed entirely. Saurik的建议当然不是完全删除它们。

I had this same problem while trying to read from the iPhone's serial port a while ago. 我不久前尝试从iPhone的串口读取时遇到了同样的问题。 Your guess is correct, even after jailbreak the regular App store apps in /var/mobile/Applications/ are still subject to sandbox restrictions. 您的猜测是正确的，即使在越狱后， /var/mobile/Applications/中的常规App Store应用仍然受到沙箱限制。 System apps are not subject to these restrictions and are found in the /var/stash/Applications/ (or I think in iOS 6 there's an identifier in the path), this is where jailbreak apps from Cydia are installed to. 系统应用程序不受这些限制的约束，可以在/var/stash/Applications/ （或者我认为在iOS 6中路径中有一个标识符），这是安装Cydia的越狱应用程序的地方。

Update : With the Cydia app iFile I can open the /var/mobile/Library/SMS/sms.db database and view the contents. 更新：使用Cydia app iFile，我可以打开/var/mobile/Library/SMS/sms.db数据库并查看内容。 And the Mobile SMS app has no special Entitlements files, so I think you should have no problems reading the SMS database if you place your app in the System apps directory. 移动短信应用程序没有特殊的权利文件，所以如果您将应用程序放在系统应用程序目录中，我认为阅读SMS数据库应该没有问题。

There is actually a way around not being able to use sandbox accounts. 实际上有一种方法无法使用沙盒帐户。 If you reboot your jailbroken device and when the apple bootlogo is displayed you can hold down the volume up button to disable mobilesubstrate. 如果您重新启动越狱设备，并且显示Apple bootlogo时，您可以按住音量增大按钮以禁用mobilesubstrate。 This allows your device to start up like is was never jailbroken and sandbox is enabled. 这允许您的设备启动，就像从未越狱并启用沙箱。 To go back to your jailbroken state just reboot. 要重新启动，请回到越狱状态。 Simple as that! 就那么简单！