macOS security flaw exposes Safari browser history


A design flaw in Apple’s macOS could allow a malicious application to steal a victim’s Safari web browsing history. According to Mac and iOS developer Jeff Johnson, the security hole exists in every version of macOS Mojave, including the macOS Mojave 10.14.3 Supplemental Update. The issue exists because no permission dialog is shown for apps accessing certain folders. Enforcing permissions would mean that only certain apps could access these folders, but no permission is required for ~/Library/Safari, which means that apps are allowed to look inside it. That folder contains the user's entire web browsing history.

In an article titled "Spying on Safari in Mojave", Jeff Johnson reports that he found a way to bypass the protections in Mojave, allowing apps to look inside ~/Library/Safari without acquiring any permission from the system or from the user. A malware app could secretly violate a user’s privacy by examining their web browsing history.


A user would have to install and run the malware app on their Mac for the flaw to be exploited. Once the app is running, it could access the Safari library and steal the web browsing history silently, without any further permissions. While only macOS Mojave was mentioned, macOS High Sierra and earlier had no privacy protections whatsoever either.

On High Sierra and earlier there is no privacy protection for folders such as ~/Library/Safari, so the technique used on Mojave would also work on High Sierra. Apple has acknowledged the vulnerability, but it will take some time to release an update with a fix. Currently there is no patch or fix available.