All it does is install a provisioning profile on the device to allow it to install any app it wants, that can make private API calls that would normally be rejected by Apple if they tried to submit the app.
So essentially, it allows them to install apps that have the exact same restrictions as apps for jailbroken devices. Or do I have it wrong?
Well, then it installs an app. And yes, it's the same restrictions as apps for jailbroken devices....and they can take over your phone pretty easily (as described in the article). Sounds like you have the specifics right but may not understand the implications?
Okay. I just find the originality of the vulnerability exaggerated (e.g. giving the process some special name (mactans) when all it is is a dev account installing an app on a device).
All it does is install a provisioning profile on the device to allow it to install any app it wants, that can make private API calls that would normally be rejected by Apple if they tried to submit the app.
So essentially, it allows them to install apps that have the exact same restrictions as apps for jailbroken devices. Or do I have it wrong?