Re: AppleScript in Sandboxed App
On 16 Jan 2013, at 03:44, John Nairn <email@hidden> wrote:
> Thanks. I watched the one on "Secure Automation Techniques in OS X." Near the end it said exactly what I wanted to hear which is that application-run scripts that target only themselves have no restrictions. So far it is half true in my app. I can run an AppleScript now without troubles. But many of my scripts are in python and use ScriptingBridge. I run these python scripts by launching an NSTask as follows
>
> 1. set working directory to path for the script (which is in my sandbox)
> 2. set PYTHONPATH to some app-specific folders (all in my sandbox)
> 3. Launch task with command line like
>
> /usr/bin/python (path_to_script)
>
> The task actually starts fine and python launches. The first step in every script is to connect to my app using ScriptingBridge with a python line like
>
> _gedit = SBApplication.applicationWithBundleIdentifier_(appID)
>
> but this fails with error message
>
> 2013-01-15 19:26:38.954 Python[44491:1407] warning: failed to get scripting definition from /Users/nairnj/Library/Developer/Xcode/DerivedData/GEDitCOM_Pro-bimxoxdrzkwdkqgvskiwmvgvydje/Build/Products/Develop/GEDitCOM SD.app; it may not be scriptable.
>
> Of course that is not true because the app is scriptable and works fine with AppleScript and with python when not sandboxed.
>
> I was thinking my app is just receiving AppleEvents (as generated by python and ScriptingBridge), which is supposed to be allowed. But it does not work. The video mentions a new 10.8 class called NSUserUnixTask, which sounded promising, but its documentation specifically says "The class is not intended to execute scripts built into an application; for that, use one of the NSTask... " Well I want to execute built in scripts so I am using NSTask, but so far without success.
>
> Has anyone been able to use NSTask to execute a python script to interact only with your own sandboxed app using ScriptingBridge?
Trying to script your sandboxed app from an NSTask instance (i.e.: a separate process) will, I think, be like trying to access it from any other app.
However the NSTask will, IIRC, be launched with the same entitlements as the host app so there is some logic to thinking that it should be able to access the app. If this is not the case then it may be necessary to construct a helper tool to execute your script with an explicit entitlement.
Executing user supplied scripts is troublesome because you don't know in advance which apps they will target and which entitlements they will require. In your case you do know what entitlement would be required.
Another approach would be to try and run your scripts within the app rather than in a separate process (may or may not be possible or advisable depending on your situation). Link against the Python framework rather than calling the shell - /system/library/frameworks/python.framework/versions/2.6/Extras/lib/python/PyObjC (or similar). This approach may or may not solve the sandbox issue!
You would likely have to run the script in another thread and that might be a source of problems.
However:
I do something similar with KosmicTask. I load PyObj-C scripts that target the ScriptingBridge into a small Cocoa task runner. The task runner establishes a run loop and executes the Python script using PyRun_SimpleFile.
The following gives an idea of how I go about it. In my case I actually load a py objc helper class that loads the target py script - but that is only because I need to execute user supplied scripts and so need a very generic solution.
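// tell the interpreter which executable it is running inside
Py_SetProgramName((char *)[[scriptRunner launchPath] UTF8String]);
// set up the basic python environment.
Py_Initialize();
// get path to our python entrypoint
NSString *scriptPath = [[scriptRunner resourcesPath] stringByAppendingPathComponent:@"MGSPythonScriptExecutor.py"];
// load the main script into the python runtime
FILE *mainFile = fopen([scriptPath UTF8String], "r");
// bail out if the script could not be opened; PyRun_SimpleFile must not be handed a NULL FILE *
if (mainFile == NULL) return NO;
BOOL success = (PyRun_SimpleFile(mainFile, (char *)[[scriptPath lastPathComponent] UTF8String]) == 0);
// PyRun_SimpleFile does not close the file for us
fclose(mainFile);
return success;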
HTH
Jonathan Mitchell
Mugginsoft LLP
================================================
KosmicTask - the Integrated Scripting Environment for OS X.
http://www.mugginsoft.com/KosmicTask
================================================