• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: deny file-read-data after launch
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: deny file-read-data after launch

  • Subject: Re: deny file-read-data after launch
  • From: Steve Mills <email@hidden>
  • Date: Fri, 09 Jan 2015 01:09:53 -0600
On Jan 8, 2015, at 17:18:21, Kyle Sluder <email@hidden> wrote:
>
> Make sure you’re not just storing a plain path in NSUserDefaults. To maintain access to a resource across app launches, you need to use a security-scoped bookmark. This is an NSData that is created from an NSURL via -bookmarkDataWithOptions:…
>
> Read the Security Scoped Bookmarks and Persistent Access section of the App Sandbox Design Guide for more, including what entitlements you need to enable to save the appropriate kind of bookmark (app-scoped): <https://developer.apple.com/library/mac/documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html>

Thanks Graham and Kyle. So since I now need to take control of securing the url chosen in the path control, I can no longer just bind its value to user defaults in the xib, right? I've added an action method that gets called when the path changes, where I create a secure bookmark and store that in user defaults instead.

Then in awakeFromNib (for when the app launches and the window is created), I get the bookmark out of user defaults, resolve it securely to the url, and set the path control's url to that. Sound good so far?

Now I think I'm left with being granted access to that url. It's easy enough to do that in awakeFromNib right before I use the url to set the path control's url. But I'll need to keep access to it for the entire run of the app or until the user chooses a different folder. At what point would you suggest I call stopAccessingSecurityScopedResource on it? I'd need to do it before the user chooses a new folder, but before the NSPathControl sets its url, otherwise I'll lose any references to the url I've been granted access to use.

Actually, the following scheme seems to be working:

-(void) awakeFromNib
{
	if(bookmark != nil) {
		NSURL*	url = [NSURL URLByResolvingBookmarkData:bookmark options:(NSURLBookmarkResolutionWithoutUI | NSURLBookmarkResolutionWithSecurityScope) relativeToURL:nil bookmarkDataIsStale:nil error:nil];
		BOOL	needToStopAccess = [url startAccessingSecurityScopedResource];

		[self.searchPathView setURL:url];

		if(needToStopAccess)
			[url stopAccessingSecurityScopedResource];
	}
}

Then in my method that actually does the search, do the same start/stop pair. Is that how start/stop is expected to be used?

--
Steve Mills
Drummer, Mac geek


_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: deny file-read-data after launch
      • From: Kyle Sluder <email@hidden>
References: 
 >deny file-read-data after launch (From: Steve Mills <email@hidden>)
 >Re: deny file-read-data after launch (From: Kyle Sluder <email@hidden>)

  • Prev by Date: Re: Am I Reinventing the Wheel? (Part I)
  • Next by Date: Re: NSURL resourceValuesForKeys NSURLPathKey
  • Previous by thread: Re: deny file-read-data after launch
  • Next by thread: Re: deny file-read-data after launch
  • Index(es):
    • Date
    • Thread