MASTG-KNOW-0061: Binary Protection Mechanisms
Detecting the presence of binary protection mechanisms depends heavily on the language used for developing the application.
Although Xcode enables all binary security features by default, it may be relevant to verify this for old applications or to check for compiler flag misconfigurations. The following features are applicable:
- PIE (Position Independent Executable):
  - PIE applies to executable binaries (Mach-O type `MH_EXECUTE`).
  - However, it's not applicable to libraries (Mach-O type `MH_DYLIB`).
- Memory management:
  - Pure Objective-C, Swift and hybrid binaries should all have ARC (Automatic Reference Counting) enabled.
  - For C/C++ libraries, the developer is responsible for doing proper manual memory management. See "Memory Corruption Bugs".
- Stack Smashing Protection: For pure Objective-C binaries, this should always be enabled. Since Swift is designed to be memory safe, if a library is purely written in Swift, and stack canaries weren't enabled, the risk will be minimal.
Learn more:
- OS X ABI Mach-O File Format Reference
- On iOS Binary Protections
- Security of runtime process in iOS and iPadOS
- Mach-O Programming Topics - Position-Independent Code
Tests to detect the presence of these protection mechanisms heavily depend on the language used for developing the application. For example, existing techniques for detecting the presence of stack canaries do not work for pure Swift apps.
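One way to check a Mach-O file for the features listed above, as an added example that is not part of the original page. The function names `check_slice` and `check_macho` are hypothetical, the sample bytes are constructed, and treating `___stack_chk_fail`/`___stack_chk_guard` and `_objc_release` as markers for stack canaries and ARC is a heuristic assumption:

```python
import struct

# Constants from <mach-o/loader.h> and <mach-o/fat.h>.
MH_MAGIC, MH_MAGIC_64, FAT_MAGIC = 0xFEEDFACE, 0xFEEDFACF, 0xCAFEBABE
MH_EXECUTE, MH_DYLIB, MH_PIE = 0x2, 0x6, 0x200000


def check_slice(image):
    """Report protections for one thin, little-endian Mach-O image (bytes)."""
    if len(image) < 28:
        raise ValueError("too short for a Mach-O header")
    # mach_header and mach_header_64 share their first seven 32-bit fields.
    magic, _cpu, _sub, filetype, _ncmds, _size, flags = struct.unpack_from("<7I", image)
    if magic not in (MH_MAGIC, MH_MAGIC_64):
        raise ValueError("not a little-endian Mach-O image")
    return {
        "filetype": {MH_EXECUTE: "MH_EXECUTE", MH_DYLIB: "MH_DYLIB"}.get(filetype, hex(filetype)),
        # PIE is only meaningful for MH_EXECUTE; None means "not applicable".
        "pie": bool(flags & MH_PIE) if filetype == MH_EXECUTE else None,
        # Heuristic (assumption): imported symbol names appear as strings in the image.
        # A miss in a pure Swift binary is not a finding on its own.
        "stack_canary": b"___stack_chk_fail" in image or b"___stack_chk_guard" in image,
        "arc": b"_objc_release" in image,
    }


def check_macho(data):
    """Return one report per architecture slice; fat (universal) files have several."""
    if len(data) >= 8 and struct.unpack_from(">I", data)[0] == FAT_MAGIC:
        (nfat,) = struct.unpack_from(">I", data, 4)
        reports = []
        for i in range(nfat):
            # fat_arch: cputype, cpusubtype, offset, size, align (all big-endian).
            _cpu, _sub, off, size, _align = struct.unpack_from(">5I", data, 8 + 20 * i)
            reports.append(check_slice(data[off:off + size]))
        return reports
    return [check_slice(data)]


# Constructed sample: an arm64 MH_EXECUTE header with MH_PIE set, followed by
# a fake string table. Not a real binary.
SAMPLE_EXEC = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, MH_EXECUTE, 0, 0,
                          MH_PIE | 0x85, 0) + b"\0___stack_chk_guard\0_objc_release\0"
# Constructed sample: a dylib header with no protection-related symbols.
SAMPLE_DYLIB = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, MH_DYLIB, 0, 0, 0x85, 0)

if __name__ == "__main__":
    for name, blob in (("exec", SAMPLE_EXEC), ("dylib", SAMPLE_DYLIB)):
        print(name, check_macho(blob))
```

For a library slice the `pie` field is `None` rather than `False`, so a missing `MH_PIE` flag on an `MH_DYLIB` is not reported as a finding.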
Xcode Project Settings
Stack Canary protection
Steps for enabling stack canary protection in an iOS application:
- In Xcode, select your target in the "Targets" section, then click the "Build Settings" tab to view the target's settings.
- Make sure that the "-fstack-protector-all" option is selected in the "Other C Flags" section.
- Make sure that Position Independent Executables (PIE) support is enabled.
PIE protection
Steps for building an iOS application as PIE:
- In Xcode, select your target in the "Targets" section, then click the "Build Settings" tab to view the target's settings.
- Set the iOS Deployment Target to iOS 4.3 or later.
- Make sure that "Generate Position-Dependent Code" (section "Apple Clang - Code Generation") is set to its default value ("NO").
- Make sure that "Generate Position-Dependent Executable" (section "Linking") is set to its default value ("NO").
ARC protection
ARC is automatically enabled for Swift apps by the `swiftc` compiler. However, for Objective-C apps you'll have to ensure that it's enabled by following these steps:
- In Xcode, select your target in the "Targets" section, then click the "Build Settings" tab to view the target's settings.
- Make sure that "Objective-C Automatic Reference Counting" is set to its default value ("YES").
See the Technical Q&A QA1788 Building a Position Independent Executable.