Note that you were always able to easily inject/specify which DYLIBS were loaded into the invocation of an executable. However, the OP describes a way of doing this that is difficult (impossible in a general sense?) to detect.
Second, this would probably be the most effective attack against the sandbox of the Mac Store. It effectively allows injection of arbitrary code into an arbitrary child process.
Third, to my understanding, this does not allow user-bound privilege escalation (e.g. no root) because those are bound by the process, inside of which the code is loaded and run.
Honestly, though, shouldn't be too difficult to patch.
There are some mitigations for this already built in. "Sensitive" processes are disallowed from linking libraries relative to @rpath and friends. Excerpt from dyld.cpp:
else if (sProcessIsRestricted && (path[0] != '/' )) {
throwf("unsafe use of relative rpath %s in %s with restricted binary", path, context.origin);
}
A cursory glance suggests that sProcessIsRestricted is true for setuid binaries and processes with restricted entitlements. Which makes sense: these would otherwise be privilege escalation vectors.
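As an added example (not code from this thread or from dyld), a small audit script that parses a Mach-O's LC_LOAD_DYLIB and LC_RPATH load commands and reports the entries dyld's restricted-process check quoted above would refuse, i.e. strings not starting with '/'. It checks the raw strings statically rather than dyld's expanded paths, and the Mach-O bytes it inspects are constructed inline.

```python
import struct

# Constants from <mach-o/loader.h>
MH_MAGIC_64 = 0xFEEDFACF
LC_LOAD_DYLIB = 0x0C
LC_RPATH = 0x8000001C

def _padded(s):
    # Load-command strings are NUL-terminated and padded so cmdsize is a multiple of 8.
    b = s.encode() + b"\0"
    return b + b"\0" * (-len(b) % 8)

def build_macho(dylibs, rpaths):
    """Constructed sample input: a minimal 64-bit Mach-O header followed by load commands."""
    cmds = b""
    for name in dylibs:  # struct dylib_command is 24 bytes, then the name string
        s = _padded(name)
        cmds += struct.pack("<IIIIII", LC_LOAD_DYLIB, 24 + len(s), 24, 0, 0, 0) + s
    for path in rpaths:  # struct rpath_command is 12 bytes, then the path string
        s = _padded(path)
        cmds += struct.pack("<III", LC_RPATH, 12 + len(s), 12) + s
    # mach_header_64: magic, cputype (arm64), cpusubtype, filetype (MH_EXECUTE), ncmds, sizeofcmds, flags, reserved
    hdr = struct.pack("<IIIIIIII", MH_MAGIC_64, 0x0100000C, 0, 2, len(dylibs) + len(rpaths), len(cmds), 0, 0)
    return hdr + cmds

def _cstr(data, off):
    return data[off:data.index(b"\0", off)].decode()

def parse_load_commands(data):
    """Walk the load commands and return (linked dylib names, LC_RPATH search paths)."""
    magic, ncmds = struct.unpack_from("<I", data, 0)[0], struct.unpack_from("<I", data, 16)[0]
    if magic != MH_MAGIC_64:
        raise ValueError("not a little-endian 64-bit Mach-O")
    dylibs, rpaths, off = [], [], 32
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmd in (LC_LOAD_DYLIB, LC_RPATH):
            # Both commands store the string as an offset relative to the command start.
            str_off = struct.unpack_from("<I", data, off + 8)[0]
            (dylibs if cmd == LC_LOAD_DYLIB else rpaths).append(_cstr(data, off + str_off))
        off += cmdsize
    return dylibs, rpaths

def relative_references(data):
    """Entries that dyld's restricted-process check (path[0] != '/') would refuse."""
    dylibs, rpaths = parse_load_commands(data)
    return [p for p in dylibs + rpaths if not p.startswith("/")]
```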