All geek questions in one place

Application Sandbox Protection

So, I am working on a test application that uploads files locally to a sandbox to store application files. Some of these files may be sensitive and need protection. My application has a login mechanism, so you won’t be able to access files if you don’t have a login, so my main problem is the ability to sniff content (perhaps on a device with hacked daemons?).

Now I was wondering if the best way to protect these files is to encrypt each of them independently. Or maybe there is a way to encrypt the entire sandbox? Or is it encrypted by default? Has anyone ever done anything like this before?

I apologize for the long series of questions, I try to collect as much information as possible about this before making a design decision ...

Thanks!

+3
source share
2 answers

You might want to learn about File Protection mechanisms in iOS 4 and later. This makes it possible to mark the file as "secure", so it will be stored in encrypted form on the disk at any time, available only when the device is unlocked (with a password).

See also this question.

+5
source

You can encrypt the entire sandbox using the OS if you configure iPhone 4 on OS 4.x. Even then, iOS has this “keychain” concept, which is basically a password cache and whether it can be hacked. As far as I know, Mail is the only application that encrypts everything.

To encrypt application data this way, you just need to set the appropriate NSFileProtectionKey , as described in NSFileManager . But, as already mentioned, this is not entirely safe.

You can try the user category in the file manager, which encrypts files based on your own requirement that you have encrypted documents. The choice is yours.

+1
source

Source: https://habr.com/ru/post/923012/

More articles:


All Articles