Reputation: 56659
iOS: How does Keychain maintain application isolation?
I know that each app has their own Keychain which cannot be accessed by any other apps. How does iOS enable this "privacy"?
Looking at an example from KeychainAccess:
let keychain = Keychain(service: "com.example.github-token")
keychain["kishikawakatsumi"] = "01234567-89ab-cdef-0123-456789abcdef"
What exactly will prevent another app from running this same code and accessing your kishikawakatsumi data?
Upvotes: 1
Views: 142
Answers (1)
Reputation: 5797
From the Keychain Services documentation of Apple.
Note: On iPhone, Keychain rights depend on the provisioning profile used to sign your application. Be sure to consistently use the same provisioning profile across different versions of your application.
Keychain Access Controls
iOS: iOS gives an application access to only its own keychain items. The keychain access controls discussed in this section do not apply to iOS.
Upvotes: 3
Related Questions
- Avoid other apps using the same framework to access the keychain data in iOS
- does every iOS app has it's own single keychain on device?
- Is keychain item created by app safe without access control?
- KeyChain - what is it?
- Keychain - Secure Data Storage
- Is keychain data that I store restricted to my app?
- Why is the Keychain accessible when the device is locked when using kSecAttrAccessibleWhenUnlocked?
- How Keychain2Go get other app's keychain data on iphone?
- Does the Keychain in iOS actually work?
- Does the applicationProtectedDataWillBecomeUnavailable: application delegate method also apply to the keychain?