Re: Sandboxing. WTF?
Re: Sandboxing. WTF?
- Subject: Re: Sandboxing. WTF?
- From: Roland King <email@hidden>
- Date: Mon, 28 May 2012 17:31:13 +0800
On May 28, 2012, at 5:23 PM, Graham Cox wrote:
>
> On 28/05/2012, at 6:54 PM, Jean-Daniel Dupas wrote:
>
>> The posted documentation says:
>>
>> «A POSIX function, such as getpwuid, can provide the file system path you need.»
>>
>> I guess it means you have to resolve the real com.apple.iApps.plist path yourself and access the file directly.
>
>
> Okaaay....
>
> That's a bit weird though, because you have to put the static file paths you want to access in your entitlements, but getpwuid is a function call, returning a path dynamically. Perhaps that path is actually static? Or do I call it and somehow register the entitlement on the fly? If so, how?
>
> It's documentation and commentary like this that is making it hard to adopt sandboxing. If they really want us to do it, why not spell it out instead of leaving us a trail of cryptic clues?
>
> --Graham
The way I read it is you register the entitlement exactly as you have been doing, as a user entitlement to Library/<whatever>. Then at runtime you use getpwuid() to find an absolute path to the actual user's home directory, construct the Library/<whatever> on top of that as an absolute (and of course dynamic depending on the user) path and open the file there. If my understanding is correct, the generic user entitlement you added will give you access to that absolute path.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden