• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Sandboxing. WTF?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Sandboxing. WTF?

  • Subject: Re: Sandboxing. WTF?
  • From: Quincey Morris <email@hidden>
  • Date: Sun, 27 May 2012 20:42:45 -0700
On May 27, 2012, at 19:44 , Graham Cox wrote:

> The only feature of my app that is really affected by this is the ability to directly browse a user's iPhoto Library. I use elements of Karelia's iMedia framework to enable this, but sandboxing thwarts it, for fairly obvious reasons (iMedia peeks directly at iPhoto's preferences and grabs resources from the common frameworks used by iWork for icons and so on, as well as going into the iPhoto library itself for images).
>
> Our users love this feature. Has Apple given us a way to do it officially so we can keep our users happy while also toeing the line on sandboxing? If so, some pointers to that would be welcome at this point.

AFAIK, the (a?) correct procedure is to ask the user to locate the items you want to reference, using the standard Open dialog. (This gives the user a chance to opt out.) From the result, you'll need to create a "sandbox-bridging" bookmark to the relevant "authenticated" URL, and store the bookmark in your own sandbox. Then, in future invocations of your app, you should be able to resolve the bookmark silently.

The only fly in the ointment here is that the special bookmark requires a recent version of OS X. (I can't remember which one, perhaps it was 10.7.3.) On older versions, your only options would be to (a) withdraw the feature, or (b) ask the user the first time the reference is needed in each app invocation. (Well, the in the case of grabbing resources, you might be able to keep the resources themselves in your sandbox, and not have to go back to the source again.)

> If not, words fail me......

Well, I understand the frustration, but you *have* been getting somewhat of a free ride.

You have (in effect, like a lot of us) been poking around in the user's file system and grabbing whatever you want. There's no *essential* difference between that and malware. That last statement has very sharp corners and is hard to swallow, but it seems inescapable if we are to have our security be actually, you know, secure.


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Sandboxing. WTF?
      • From: Graham Cox <email@hidden>
References: 
 >Sandboxing. WTF? (From: Graham Cox <email@hidden>)
 >Re: Sandboxing. WTF? (From: Fritz Anderson <email@hidden>)
 >Re: Sandboxing. WTF? (From: Graham Cox <email@hidden>)

  • Prev by Date: Re: Bug in 10.6 NSPasteboard API? (was: Sending a list of path strings to the Finder via Scripting Bridge)
  • Next by Date: NSXMLParser and initWithStream
  • Previous by thread: Re: Sandboxing. WTF?
  • Next by thread: Re: Sandboxing. WTF?
  • Index(es):
    • Date
    • Thread