• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: dropping alias file on NSPathControl with App Sandbox
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: dropping alias file on NSPathControl with App Sandbox

  • Subject: Re: dropping alias file on NSPathControl with App Sandbox
  • From: Mike Abdullah <email@hidden>
  • Date: Wed, 10 Oct 2012 17:39:52 +0100
On 10 Oct 2012, at 15:04, "Sean McBride" <email@hidden> wrote:

> On Wed, 10 Oct 2012 09:46:15 +0100, Mike Abdullah said:
>
>>>> Sandboxed apps can resolve aliases and follow symlinks, but unless the
>>>> destination is within their sandbox already they do not gain access to
>>>> it, sadly. I recommend filing a radar requesting this.
>>>
>>> I will.
>>>
>>> Do you agree with me that pathControl:acceptDrop: should pass the
>> resolved alias instead of the original?  Or perhaps provide a
>> setResolvesAliases: like NSOpenPanel does?
>>
>> I don't know really. To resolve aliases properly would require it to be
>> some sort of privileged UI component like NSOpenPanel. Or Apple would
>> have to add a new entitlement for this, or adjust how the sandbox works.
>> They all *work*, but the first option sucks for developers making other
>> similar things.
>
> I'm pretty sure it already is a 'privileged UI component like NSOpenPanel'.  In the early seeds of 10.7, there were all sorts of sandbox violations related to NSPathControl trying to draw the icons of the file hierarchy, and failing to have access to those icons.

Really? Three possible conclusions come to mind:

* The sandbox has been relaxed to allow fetching of icons of ancestor folders
* NSPathControl is more aware of the sandbox, and doesn't try to fetch icons it doesn't have access to
* NSPathControl has some special privilege which allows it to fetch icons other components can't

The last one seems least likely to me since it would be a sandbox hole application-level or malicious code could exploit. Number two also seems slightly improbably to me simply because NSPathControl still has a sandbox-related bug where it no longer recognises a path stems from the user's home directory.


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: dropping alias file on NSPathControl with App Sandbox
      • From: Uli Kusterer <email@hidden>
References: 
 >dropping alias file on NSPathControl with App Sandbox (From: Sean McBride <email@hidden>)
 >Re: dropping alias file on NSPathControl with App Sandbox (From: Mike Abdullah <email@hidden>)
 >Re: dropping alias file on NSPathControl with App Sandbox (From: Sean McBride <email@hidden>)
 >Re: dropping alias file on NSPathControl with App Sandbox (From: Mike Abdullah <email@hidden>)
 >Re: dropping alias file on NSPathControl with App Sandbox (From: Sean McBride <email@hidden>)

  • Prev by Date: Re: dropping alias file on NSPathControl with App Sandbox
  • Next by Date: Re: dropping alias file on NSPathControl with App Sandbox
  • Previous by thread: Re: dropping alias file on NSPathControl with App Sandbox
  • Next by thread: Re: dropping alias file on NSPathControl with App Sandbox
  • Index(es):
    • Date
    • Thread