• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: XPC Services & non-Sandboxed Applications
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: XPC Services & non-Sandboxed Applications

  • Subject: Re: XPC Services & non-Sandboxed Applications
  • From: SevenBits <email@hidden>
  • Date: Thu, 23 Jul 2015 10:32:33 -0400
On Sat, Jul 18, 2015 at 1:36 PM, Quincey Morris <
email@hidden> wrote:

> On Jul 18, 2015, at 07:26 , SevenBits <email@hidden> wrote:
>
>
> 1) Apple’s docs say that non-document based apps don’t get sandboxing
> support automatically handled for them, requiring the manual use of the
> NSFile* APIs.
>
>
> I’m not sure what you mean by “sandboxing” here — and in your thread
> title, since you’re clearly asking about sandboxed apps. Sandboxed apps get
> sandboxing support automatically, by definition, and they’re not
> non-sandboxed, by definition!
>

What I meant was that apps which are not based on NSDocument do not,
according to Apple, automatically get behavior which is compatible with the
sandbox. Apple says that if we choose to go this route, you have to
co-ordinate access to the file manually using the NSFileCoordinator API and
its friends.


>
> Anyway, I think you’ll find the answer in here:
>
> https://devforums.apple.com/thread/142513?start=0&tstart=0
>
>
Okay, I'm taking a look at that link now.


> but you have to read it very carefully because it winds around. If I
> understand it correctly, the answer is that if the main app has secure
> (sandbox-compatible) access to a NSURL, then you can send plain
> (non-security-scoped) bookmark data to an XPC process and it will have
> access too, when it reconstitutes the NSURL.
>
> In particular, you should *not* send a security scoped bookmark to the XPC
> process, and you shouldn’t send a “suitable for bookmark file” bookmark
> either. Just a plain one.
>

That's a bit counter to my expectations. Nevertheless, I'll try these
suggestions.

Just to be sure: sandboxed apps still receive full access to files that the
user opens, correct? So if a user drags a file onto my app or opens it from
the Open dialog, my app is able to access it, correct?


>
> (The access in the XPC process is “transient”, in the sense that it can’t
> save what it gets as a security-scoped bookmark for later sessions, it can
> only use the URL in its current session.)
>

That's completely fine for my purposes.
_______________________________________________

Cocoa-dev mailing list (email@hidden)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: XPC Services & non-Sandboxed Applications
      • From: Quincey Morris <email@hidden>
References: 
 >Re: XPC Services & non-Sandboxed Applications (From: Quincey Morris <email@hidden>)

  • Prev by Date: Re: AudioQueueDispose delay
  • Next by Date: Re: XPC Services & non-Sandboxed Applications
  • Previous by thread: Re: XPC Services & non-Sandboxed Applications
  • Next by thread: Re: XPC Services & non-Sandboxed Applications
  • Index(es):
    • Date
    • Thread