I just reproduced @lapcatsoftware's sandbox escape. Incredible find, I can't believe Apple doesn't deem this a legitimate security issue that warranted a bounty payment? If completely escaping the sandbox isn't a security issue, what is?https://lapcatsoftware.com/articles/sandbox-escape.html …
Yes, it seems not ideal. And yet we can click the "Enable Content" button in Microsoft Office, and that document author can run whatever arbitrary code that they want. We've got a long way to go with desktop OS security...