Skip to main content

Insecure File Management

Why is this important?

Any functionality related to file management requires careful usage. If attackers can influence the input to file access-related APIs, then it can have a serious impact.

Fixing Insecure File Management

App developers can leverage the iOS Data Protection APIs to implement fine-grained access control for user data stored in flash memory. The APIs are built on top of the Secure Enclave Processor.

There are four protection classes for files:

  1. Complete Protection (NSFileProtectionComplete)
  2. Protected Unless Open (NSFileProtectionCompleteUnlessOpen)
  3. Protected Until First User Authentication (NSFileProtectionCompleteUntilFirstUserAuthentication
  4. No Protection (NSFileProtectionNone)

More information about these classes can be found here.

Option A: Leverage the iOS Data Protection APIs correctly

  1. Go through the issues that GuardRails identified in the PR/MR.
  2. Identify the use of NSFileProtectionNone or noFileProtection.
  3. Confirm that it is ok that the system doesn’t store the file in an encrypted format, otherwise select the correct protection class.
  4. Ship it 🚢 and relax 🌴