iOS Architecture

iOS makes one big bet: nothing runs unless Apple-rooted code signing says it can, and even then it can only touch what its signed entitlements permit. The executable is a Mach-O whose code pages the kernel hashes one at a time; the app lives in a default-deny container; entitlements are the keys to specific doors. Understand Mach-O, code signing, the sandbox, and entitlements and you understand both why iOS is hard to attack and exactly where a tester gets to work.
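The page-at-a-time hashing described above, as an added example that is not part of the original article: a simplified model of signing-time hash slots and load-time per-page checks, showing that a modified, appended or truncated code region fails exactly at the affected pages. It assumes 4 KiB signing pages and SHA-256; the function names and sample bytes are constructed for illustration and no real Mach-O is parsed.

```python
import hashlib

PAGE_SHIFT = 12              # assumption: 4 KiB signing pages, stored as log2
PAGE_SIZE = 1 << PAGE_SHIFT


def build_code_slots(code: bytes) -> list[bytes]:
    """Signing side: one SHA-256 digest per page; the last page may be short."""
    return [hashlib.sha256(code[off:off + PAGE_SIZE]).digest()
            for off in range(0, len(code), PAGE_SIZE)]


def verify_page(code: bytes, slots: list[bytes], page_index: int) -> bool:
    """Load side: check one page against its slot, independently of the others."""
    if not 0 <= page_index < len(slots):
        return False         # page outside the signed range: no slot, so rejected
    off = page_index << PAGE_SHIFT
    return hashlib.sha256(code[off:off + PAGE_SIZE]).digest() == slots[page_index]


def failing_pages(code: bytes, slots: list[bytes]) -> list[int]:
    """Indices of every page that would be refused, including unsigned extras."""
    n_pages = (len(code) + PAGE_SIZE - 1) >> PAGE_SHIFT
    return [i for i in range(max(n_pages, len(slots)))
            if not verify_page(code, slots, i)]


# Constructed sample: three full pages plus a short 100-byte tail page.
CODE = bytes((i * 7) % 256 for i in range(3 * PAGE_SIZE + 100))
SLOTS = build_code_slots(CODE)

# One flipped byte in page 1 invalidates page 1 only.
PATCHED = bytearray(CODE)
PATCHED[PAGE_SIZE + 10] ^= 0xFF
PATCHED = bytes(PATCHED)

# Bytes appended after signing change the short tail page and add an unsigned one.
EXTENDED = CODE + b"\x00" * PAGE_SIZE

if __name__ == "__main__":
    print("intact  :", failing_pages(CODE, SLOTS))
    print("patched :", failing_pages(PATCHED, SLOTS))
    print("extended:", failing_pages(EXTENDED, SLOTS))
```
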
