Hacker News new | past | comments | ask | show | jobs | submit login

On a separate matter, how does Facebook Paper get its permissions? I have the Facebook app installed on my iPhone, but I don't have Facebook linked to the operating system. When I installed Paper, I was never prompted to login. Are they able to read a piece of information shared by the normal Facebook app in order to authenticate Paper users without requiring an additional login? Doesn't that violate the sandboxing of application data, or are they able to circumvent those policies since it's all associated with the same app publisher?



Yep! The Facebook app and Facebook Paper have access to the same keychain because they both are from the same publisher and register the same `keychain-access-groups` entitlement.


They're signed with the same distribution keys and have the same app identifier prefix, so they have access to the same shared keychain storage on the device.


Same app publisher can share a common id. As long as you have one of their apps installed.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: