Nick Bilton of the New York Times reports that a loophole in iOS’s security infrastructure enables apps you have allowed to determine your current location to access all the photos on your device (presumably due to the location information stored within photos). Although there are no known instances of this capability being abused in the wild, a proof-of-concept app commissioned by the New York Times showed that it could upload photos to a remote server once it had been given location permission. Apple will likely fix this soon; in the meantime, we recommend turning off unnecessary permissions in Settings > Location Services. follow link
Using Expose within Spaces
To drag a file into an application that's running in another one of your Spaces, use Expose while in Spaces overview mode. First, press F8 to go into Spaces overview mode, then press F9 to Expose all application windows. Hover over the application window you want and wait a moment or press the Space bar, and both that space and that application come to the foreground, ready for you to drop the file.
Visit plucky tree
iOS Apps with Location Permission Can Access Your Photos
Second, in a conspiracy, there has to be some benefit to Apple, and I can't see how Apple benefits in any way from exposing users' photos to apps. Apple already has access to those photos via Photo Stream, so what possible gain could the company achieve by allowing third-party apps similar access? And it's not like Apple is known for giving developers all sorts of unfettered access.
No, this really does feel like an oversight to me.
I feel it's nit-picking to complain that the alert only mentions that your photos and videos being accessed rather than saying "location information AND PHOTOS AND VIDEOS from your photos and videos." You are giving the app access to your photo library. What do you expect it to find there? Cumquats?
Sure, we don't want apps surreptitiously uploading photos. And occasionally some problem apps of various kinds do get into the App Store, at least for a while. It's not perfect.
I think it would be a shame if every access of every app to every API required a dialog. Although it's way to early to declare it a success, the OS X concept of sandbox entitlements, where an app declares (to Apple) the shared data features its going to use (calendar apps for calendar data, photo apps for photo data), actually seems better than the "more and more dialogs" approach.
I still don't want to see more dialogs.