Re: creating temp files or temp folders in standard temp file locations in mdimporter on Mac OS X 10.8.3
Re: creating temp files or temp folders in standard temp file locations in mdimporter on Mac OS X 10.8.3
- Subject: Re: creating temp files or temp folders in standard temp file locations in mdimporter on Mac OS X 10.8.3
- From: Quincey Morris <email@hidden>
- Date: Mon, 03 Jun 2013 10:44:24 -0700
On Jun 3, 2013, at 09:58 , "Sean McBride" <email@hidden> wrote:
> NSTemporaryDirectory() is an old path-based API. Perhaps the newer URL-based APIs (URLForDirectory:inDomain:appropriateForURL:create:error:) might return a more appropriate temp directory...
In this document:
https://developer.apple.com/library/mac/#documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html
(which was updated this year, so it shouldn't out-of-date, I'd hope), under the heading "Container Directories and File System Access", there's list of places a sandboxed app can access:
> When you adopt App Sandbox, your application has access to the following locations:
>
> • The app container directory. Upon first launch, the operating system creates a special directory for use by your app—and only by your app—called a container. Each user on a system gets an individual container for your app, within their home directory; your app has unfettered read/write access to the container for the user who ran it.
> […]
> • Temporary directories, command-line tool directories, and specific world-readable locations. A sandboxed app has varying degrees of access to files in certain other well-defined locations.
and then, under the heading "Powerbox and File System Access Outside of Your Container":
> In addition [to locations made available via Powerbox], the system automatically permits a sandboxed app to:
>
> […]
> • Read and write files in directories created by calling NSTemporaryDirectory.
>
> Note: The /tmp directory is not accessible from sandboxed apps. You must use the NSTemporaryDirectory function to obtain a temporary location for your app’s temporary files.
That seems to answer your comment (NSTemporaryDirectory() does seem to be the right API) and Kyle's last comment (sandboxing doesn't intrinsically disable file writing -- it merely restricts places where files can be written without entitlements to a few known locations).
The deeper question is whether a spotlight worker process is running in an *app* sandbox at all, or whether it has some other kind of security context.
Under the circumstances, I'd suggest that the OP should use a TSI to find out why NSTemporaryDirectory() doesn't work.
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden