/etc/passwd is the same on every device because it is in the system image, which is world readable. I don't think this exploit can be used to read the call history database as the author implies because it is outside of the sandbox profile.
They provided a complete exploit. It's only about 50 lines long. If you want to know if it works with other files it's pretty trivial to see for yourself.
Yeah the author goes a bit far in their hypotheticals, straight into fantasy.
Also not sure I agree with the implication that Apple shouldn’t publish which vulnerabilities they’ve patched (the only logical conclusion because the alternative, patching every version in perpetuity, is unrealistic).
