WingNews logo WingNews
top | item 43839830

(no title)

Roguelazer | 10 months ago

Running a parser for a network protocol as root seems like a pretty unnecessarily dumb thing to do. I can't really imagine why any part of airplay would need to run as root; maybe something to do with DRM? Although the DRM daemon `fairplayd` runs as a limited-privilege user `_fpsd`, so maybe not. So bizarre that Apple makes all these cool systems to sandbox code, and creates dozens of privilege-separated users on macOS, and then runs an HTTP server doing plists parsing as an unsandboxed root process.

discuss

order

Mindwipe|10 months ago

Apple have reworked Airplay so many times at this point the entire thing is just a massive pile of technical debt piled on another massive pile of technical debt, piled on a bunch of weird hacks to try and keep all the devices built for previous versions afloat.

walterbell|10 months ago

At least it can be disabled via MDM/Configurator policy.