What exactly is Sandboxing on iOS? Can apps peek at each other? (Solved)

Participant
Discussion
2 months ago Jan 15, 2026

Hey everyone,

I came across this concept of Sandboxing which means that apps can’t peek into other apps. It sounds great on paper, but how does this actually work technically? If I have a malicious app installed, what physically stops it from just reading the data from my banking app if they are on the same phone?

Is it just a policy, or is there a hard wall between them?

Replies (3)

Participant
2 months ago Jan 16, 2026

Hi!

To answer your question directly: It is much more than just a policy—it is a hard wall built into the operating system kernel.

Think of the Sandbox literally like a child’s sandbox in a park.

  • The Container: Every third-party app you install is given its own unique home directory (a container) the moment it is installed. This directory is randomly assigned.
  • The Rule: The app can play with its own sand (files and data) all it wants, but it has absolutely no way to reach over the plastic wall into the neighbor’s sandbox.

So, if you downloaded a malicious flashlight app, it can read its own preferences file, but it cannot traverse the file system to read the database of your banking app. The operating system kernel simply denies that read request because it’s outside the app’s container.

This also applies to the OS itself. The entire system partition is mounted as read-only, so apps can’t modify system files to give themselves higher privileges.

Participant
2 months ago Jan 17, 2026

The randomly assigned home directory part is interesting. So the app doesn’t even know where the other apps are located?

But wait, if the walls are that high, how do apps share data? For example, if I want to upload a photo to Instagram, the app clearly needs access to my Photos app. How does it get over the wall?

Participant
1 month ago Jan 18, 2026

Exactly! That’s where Entitlements and Services come in.

Since the walls are high, an app can’t just grab the photo. It has to ask the Operating System to pass it through a secure window.

  • Explicit Services: If an app wants data from another app (like Photos or Contacts), it has to use specific system services provided by the OS. It can’t go direct.
  • Entitlements: This is the keycard system. Developers have to sign their apps with specific Entitlements (key-value pairs) that declare what they intend to do (e.g., I need to access the camera).

If an app tries to access the camera but doesn’t have that specific entitlement signed into its code, the system blocks it immediately. And even if it does have the entitlement, iOS will usually throw up that pop-up we all know: “App X would like to access your Photos.” That is the TCC (Transparency, Consent, and Control) framework in action.

Bonus security point:

Apple also uses something called ASLR (Address Space Layout Randomization). Every time an app launches, its memory locations are shuffled. So even if a hacker found a way to inject code, they wouldn’t know where in the memory to put it because the address changes every time.

Hope that helps!

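Added example, not part of the thread and not Apple's code: since entitlements are key-value pairs in a property list, a reviewer can parse them and flag the ones that widen the sandbox. The plist below is constructed for a hypothetical app (all identifiers are placeholders), and the checks are one reviewer's choice, not an official list.

```python
import plistlib

# Constructed sample for a hypothetical app; every identifier is a placeholder.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>application-identifier</key><string>ABCDE12345.com.example.flashlight</string>
  <key>get-task-allow</key><true/>
  <key>com.apple.security.application-groups</key>
  <array><string>group.com.example.shared</string></array>
  <key>keychain-access-groups</key>
  <array>
    <string>ABCDE12345.com.example.flashlight</string>
    <string>ZZZZZ99999.com.other.vault</string>
  </array>
</dict></plist>"""


def audit_entitlements(raw: bytes) -> list[tuple[str, str]]:
    """Return (entitlement key, finding) pairs worth a reviewer's attention."""
    ent = plistlib.loads(raw)
    if not isinstance(ent, dict):
        raise ValueError("entitlements must be a plist dictionary")
    findings = []

    # A debuggable build lets a debugger attach to the running process.
    if ent.get("get-task-allow") is True:
        findings.append(("get-task-allow", "debuggable build, not for distribution"))

    # App groups are a sanctioned opening in the wall: a shared container
    # that every app signed into the same group can read and write.
    for group in ent.get("com.apple.security.application-groups", []):
        findings.append(("com.apple.security.application-groups",
                         f"shared container: {group}"))

    # Keychain access groups are expected to sit under the app's own
    # identifier prefix (the part of application-identifier before the first dot).
    prefix = ent.get("application-identifier", "").split(".", 1)[0]
    for group in ent.get("keychain-access-groups", []):
        if not prefix or not group.startswith(prefix + "."):
            findings.append(("keychain-access-groups",
                             f"group outside app prefix: {group}"))
    return findings


if __name__ == "__main__":
    for key, message in audit_entitlements(SAMPLE):
        print(f"{key}: {message}")
```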