Other Ios Biometric Acl
Weak biometric ACL flag is associated with a key stored in Keychain. With '.biometryAny/.userPresence/.touchIDAny' flag, an attacker with the ability to add a biometry to the device can authenticate as the user. It is recommended to use more specific and secure authentication mechanisms like '.biometryCurrentSet' and '.touchIDCurrentSet'. Here's an example o
greprules fetch gitlab-sast-rules-lgpl-swift-other-rule-ios-biometric-acl --engine opengrepDescription
Weak biometric ACL flag is associated with a key stored in Keychain. With '.biometryAny/.userPresence/.touchIDAny' flag, an attacker with the ability to add a biometry to the device can authenticate as the user. It is recommended to use more specific and secure authentication mechanisms like '.biometryCurrentSet' and '.touchIDCurrentSet'. Here's an example o
Detection target
Not provided
Recommended fix
Not provided
False-positive notes
Not provided
Community feedback
Sign in to report false positives, mark this rule useful, or suggest metadata improvements.