Re: sandbox question about copying from bundle
Re: sandbox question about copying from bundle
- Subject: Re: sandbox question about copying from bundle
- From: "Rick C." <email@hidden>
- Date: Mon, 25 Jun 2012 08:32:52 +0800
Yes that is right I was doing it wrong thank you very much! Now the only other issue I had was am I not allowed to write my helper app to my application support folder and send NSTask to it there? It seems this only works if I keep it inside of my bundle?
rc
On Jun 25, 2012, at 5:08 AM, Todd Heberlein wrote:
>
> On Jun 24, 2012, at 2:47 AM, Rick C. wrote:
>
>> Ok here's my follow-up...I confirmed that everything I told you was true and finally said to myself I will just communicate with this executable inside my bundle. This works until I submit it to the Mac App Store and I get invalid binary because this executable (3rd party) is not sandboxed. So I give this binary entitlements and now when I try to communicate with it via NSTask it crashes and the crash report reveals that a sandbox cannot be created.
>
> I haven't played with sandboxed helper apps yet, but I read the other day if the helper app is started via posix_spawn(), the helper apps should have exactly two entitlements:
>
> com.apple.security.app-sandbox YES
> com.apple.security.inherit YES
>
> For helper apps start with XPC Services you can have a much richer entitlement set.
>
> My guess is that NSTask, because it is an older approach, uses posix_spawn(), so you might want to try and *only* give it the "inherit" entitlement.
>
> Todd
>
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden