demo.c

/*
 Bug demo of Taurine
 CFPreferences family functions will always handles preferences files from euid user container instead of specified user container.
 This demo will generate demo.bundleid.plist file in root container (/var/root/Library/Preferences/demo.bundleid.plist) instead of mobile container (/var/mobile/Library/Preferences/demo.bundleid.plist).
 To run this demo correctly, you should follow these steps:
 1. Build and codesign
    xcrun -sdk iphoneos clang -arch arm64 demo.c -framework CoreFoundation -o demo
    ldid -S demo
 2. Put the demo file into /usr/bin
 3. Set owner as root, group as wheel, permission as 6755
    sudo chown root:wheel /usr/bin/demo
    sudo chmod 6755 /usr/bin/demo
 4. Run demo as mobile user
 5. Check if demo.bundleid.plist file is generated in root container
    ls -la /var/root/Library/Preferences/demo.bundleid.plist
 */
#include <CoreFoundation/CoreFoundation.h>

int main() {
    puts("Must run this demo as mobile user.");
    puts("And my euid must be 0.");
    int ret = 0;
    if (getuid() != 501) {
        ret += 1;
    } else {
        puts("I am mobile user.");
    }
    if (geteuid() != 0) {
        ret += 2;
    } else {
        puts("My euid is 0.");
    }
    if (ret) {
        if (ret & 1)
            puts("I'm not mobile user!");
        if (ret >> 1 & 1)
            puts("My euid is not 0!");
        return ret;
    }
    CFPreferencesSetValue(CFSTR("demo key"), CFSTR("demo value"), CFSTR("demo.bundleid"), CFSTR("mobile"), kCFPreferencesAnyHost);
    return 0;
}