MASTG-TEST-0215: Sensitive Data Not Excluded From Backup
Content in BETA
This content is in beta and still under active development, so it is subject to change any time (e.g. structure, IDs, content, URLs, etc.).
Overview¶
This test verifies whether your app correctly instructs the system to exclude sensitive files from backups.
Files in the /tmp and /Library/Caches subdirectories of the app container are excluded from iCloud Backups. For files and directories in any other locations within the app container, iOS provides the isExcludedFromBackup API to guide the system not to back up a given file or directory. However, this API does not guarantee guarantee the actual exclusion:
"The
isExcludedFromBackupresource value exists only to provide guidance to the system about which files and directories it can exclude; it's not a mechanism to guarantee those items never appear in a backup or on a restored device."
Therefore, the only way to properly protect your files from a backup is to encrypt them.
Steps¶
- Run a static analysis tool such as radare2 for iOS on the app binary, or use a dynamic analysis tool like Frida for iOS, and look for uses of
isExcludedFromBackupAPI.
Observation¶
The output should contain the disassembled code of the functions using isExcludedFromBackup and if possible the list of affected files.
Evaluation¶
The test case fails if you can find the use of isExcludedFromBackup within the source code and if any of the affected files can be considered sensitive.
For the sensitive files found, and in addition to using isExcludedFromBackup, make sure to encrypt them, as isExcludedFromBackup does not guarantee the exclusion.
Demos¶
MASTG-DEMO-0019: Uses of isExcludedFromBackupKey to Exclude Data From Backups