https://bugs.kde.org/show_bug.cgi?id=506889
--- Comment #2 from Victor Souza <[email protected]> ---
(In reply to Halla Rempt from comment #1)
> We don't use Xcode to develop Krita, of course... This entitlement was
> added to make it possible for users to generate backtraces for bug reports.
> I'm really not sure why this should be a "vulnerability" given that you're
> already executing code at the same privilege level as Krita, too, on the
> same system?

Hi Halla,

I totally understand what you mean. It turns out that on macOS, by default, it's common for an application to only run what's in its sandbox. Even if the attacker already has local privileges, using this entitlement significantly lowers the barrier to escalating the attack to other trusted processes (like Krita), and can be combined with other techniques to exploit user data, abuse UI spoofing, keylogging, etc.

I think it's important because it's not just theoretical; the BlueNoroff APT recently used this same technique, which can be read about in the Huntress article:
https://www.huntress.com/blog/inside-bluenoroff-web3-intrusion-analysis
