Unauthorized Cross-App Resource Access on MAC OS X and iOS

Some discussion around this on the OAuth WG mailing list: <a href="https:&#x2F;&#x2F;www.ietf.org&#x2F;mail-archive&#x2F;web&#x2F;oauth&#x2F;current&#x2F;msg14629.html" rel="nofollow">https:&#x2F;&#x2F;www.ietf.org&#x2F;mail-archive&#x2F;web&#x2F;oauth&#x2F;current&#x2F;msg14629...</a>