Re: sandbox question about copying from bundle
Re: sandbox question about copying from bundle
- Subject: Re: sandbox question about copying from bundle
- From: Todd Heberlein <email@hidden>
- Date: Sun, 24 Jun 2012 14:08:11 -0700
On Jun 24, 2012, at 2:47 AM, Rick C. wrote:
> Ok here's my follow-up...I confirmed that everything I told you was true and finally said to myself I will just communicate with this executable inside my bundle. This works until I submit it to the Mac App Store and I get invalid binary because this executable (3rd party) is not sandboxed. So I give this binary entitlements and now when I try to communicate with it via NSTask it crashes and the crash report reveals that a sandbox cannot be created.
I haven't played with sandboxed helper apps yet, but I read the other day if the helper app is started via posix_spawn(), the helper apps should have exactly two entitlements:
com.apple.security.app-sandbox YES
com.apple.security.inherit YES
For helper apps start with XPC Services you can have a much richer entitlement set.
My guess is that NSTask, because it is an older approach, uses posix_spawn(), so you might want to try and *only* give it the "inherit" entitlement.
Todd
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden