1. MEDIUM: AIFW Firewall Daemon Runs with Unnecessary Root Privileges, Expanding Attack Surface
A critical security design flaw has been identified in the AIFW firewall daemon: it runs with full root privileges for its entire lifetime and never drops them after initialization. While root access is required for initial operations like opening the `/dev/pf` device and configuring network interfaces, the daemon's co...