https://lapcatsoftware.com/articles/2023/8/2.html
App Management is a new macOS security feature in Ventura introduced at WWDC last year:
If an app is modified by something that isn’t signed by the same development team and isn’t allowed by an NSUpdateSecurityPolicy, macOS will block the modification and notify the user that an app wants to manage other apps. Clicking on the notification sends people to System Settings, where they can allow an app to update and modify other apps.
Back in October I wrote about How macOS Ventura App Management works and doesn’t work, but I kept one part a secret:
in the process of writing this blog post, I found a new App Management bypass that doesn’t require full disk access. I won’t discuss the details of that here (I sent them to Apple Product Security a few days ago)
Specifically, I reported the bypass on October 19, 2022, Apple Product Security acknowledged receiving my report on October 21, and Apple released macOS Ventura to the public on October 24. Today I will discuss the details of the bypass, not because it’s been fixed in macOS—in fact it hasn’t been fixed yet—but rather because I’ve lost all confidence in Apple to address the issue in a timely manner.
In other words, I’m dropping a 0day. ..
