TaiG has released an updated version of its iOS 8.4 jailbreak to fix a problem that allowed apps to easily become root.
I0n1c recently tweeted about the issue.
TaiG jb for iOS 8.x seems to have a broken setreuid() that allows root privilege escalation. Less a backdoor than a broken kernelpatch
This means that the application “can theoretically have access to everything” on your device.
Hopefully the new version of jailbreak fully addresses the problem.
Saurik posted his thoughts on the matter yesterday:
I already talked to TaiG about this awkward kernel patch days ago, and have this on my schedule of things to fix “next” (after the thing I’m working on fixing right now). FWIW, I did not realize their patch was this bad (I mean, dude: that’s pretty bad…), but I’m still not terribly concerned (as an example: i0n1c says “don’t install tweaks from random people in the next few days”, but those already by definition have privileged access, so you should already be careful installing them). (This setuid bug is the “proactive fix” that I talked about in the Cydia 1.1.18 changelog.)
Changelog:
● Fixes setreuid patch to prevent applications from obtaining to root privileges through setreuid.
● Increases stability.
Leave a Reply