Hacker News new | past | comments | ask | show | jobs | submit login

I think they are implying apple can’t control the sensitivity of third party tools across the board, so it’s up to chrome to figure out how to protect your browsing history, and they need to improve their file system layout or APIs to protect their users.



>third party tools

>it’s up to chrome

https://news.ycombinator.com/item?id=25267165:

> ~/Library/Safari/LocalStorage because Safari names the files in this directory according to the web sites that you visit! [emphasis added]


Zing, thanks for pointing that out.


Safari uses APIs to protect its data directory that isn’t made available to third-party apps.


And those aren't good enough as he was able to bypass them with ls - command line tool ran without privilege inside of a sandboxed app.

This is a serious issue for data leakage.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: