Sandbox Violation: [appname] deny network-outbound :22

Discussion in 'iPad Hacking' started by Commodore, Dec 29, 2013.

  1. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    Does iOS7 require other privileges/tweaks as opposed to iOS6, if one wants to connect to a local SSH server (127.0.0.1) using a local app? I tried two different terminal apps, but I can't connect to an SSH server within the device (connecting from laptop to iPhone/iPad works; also using the same app to connect from iPhone/iPad to an SSH server half way around the world works).
    Diagnostics & Usage gets a relevant entry which includes the line "Sandbox Violation: [appname] deny network-outbound :22".

    Another command line question... If I try to run Midnight Commander (with mc), I get " "Error opening terminal: xterm". How can I fix this? The file /usr/share/terminfo/x/xterm is there.
  2. willerz2
    Offline

    willerz2 iPad Addict

    Joined:
    Feb 22, 2012
    Messages:
    1,273
    Thanks Received:
    235
    Trophy Points:
    63
    Location:
    New York
    Ratings:
    +252 / 0
    It's a sandbox issue, not a permissions issue. Are you trying to SSH from your iPad to a terminal? Or a terminal to your iPad.
  3. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    It works in all directions but within the device itself (i.e. SSH connection to 127.0.0.1 using either iSSH or ServerAuditor). No such issue on iOS6, though.
  4. willerz2
    Offline

    willerz2 iPad Addict

    Joined:
    Feb 22, 2012
    Messages:
    1,273
    Thanks Received:
    235
    Trophy Points:
    63
    Location:
    New York
    Ratings:
    +252 / 0
    Just tested it out. They've changed the default sandboxing. You'd have to tweak it to allow for sandboxing.
  5. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    What exactly should I tweak in this particular case? Did they add firewall rules?
    (It seems this part is still buggy or behaves differently than on 6 also because even after switching SSH server off in Settings, the two processes, namely sftp-server and sshd are still listed as running.)
  6. willerz2
    Offline

    willerz2 iPad Addict

    Joined:
    Feb 22, 2012
    Messages:
    1,273
    Thanks Received:
    235
    Trophy Points:
    63
    Location:
    New York
    Ratings:
    +252 / 0
    There was a proposed fix where you move the Prompt.app to a separate location to bypass it. I haven't tested it out but if you're looking to fiddle around I can give you the exact directories.
  7. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    I may give it a shot. Does it mean moving/copying the whole app directory from /var/mobile/Applications/XXXX to another one (e.g. /usr/here)? Or also issuing 'chmod' on the new location?
  8. willerz2
    Offline

    willerz2 iPad Addict

    Joined:
    Feb 22, 2012
    Messages:
    1,273
    Thanks Received:
    235
    Trophy Points:
    63
    Location:
    New York
    Ratings:
    +252 / 0
    Move it from /var/mobile/Applications/ to /Applications. Move the Prompt.app actual file, not the entire folder.
  9. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    You mean "Prompt" file within "Prompt.app" folder (or, in my case, "iSSH" file within "iSSH.app" folder)? Does the move affect the shortcut/icon on the desktop, so it starts from the new location at all times later on?
  10. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0
    I tried doing that (moving "iSSH" file within "iSSH.app" folder to /Applications), but it didn't work. The app crashed on start, so I moved the file back.
  11. Commodore
    Offline

    Commodore iPad Fan

    Joined:
    Jul 30, 2012
    Messages:
    256
    Thanks Received:
    3
    Trophy Points:
    18
    Location:
    Europe
    Ratings:
    +4 / 0

Share This Page

Search tags for this page

deny network-outbound

,
ios 7 issh local
,

ios crash sandbox violation

,
sandbox and error and diagnostic and ios 7
,
sandbox deny network-outbound
,

sandbox violation deny network

,
sandbox violation iphone