Re: improving the Seatbelt system
- Subject: Re: improving the Seatbelt system
- From: Michael Roitzsch <email@hidden>
- Date: Mon, 28 Jan 2008 14:03:13 +0100
Hi,

> > The main area I'm interested in is dealing with user intent - e.g.
> > it would be really nice if there was a simple way for an
> > application to say that it will only use the standard paths (e.g.
> > ~/Library/{Application Support,Preferences,Cache}/com.example.app.*)
> > and anything which the user has selected in a standard open/save
> > dialog, drag-and-drop, etc. which appears to be currently
> > impossible short of creating a separate process and using IPC.
>
> Indeed. Currently there are architectural restrictions that make
> this sort of thing tricky. That's one of the reasons that Seatbelt
> is not yet considered a public API.
> Please /do/ file your enhancement requests; I don't think the
> Seatbelt folks are on this list, but I can guarantee that they will
> see any formal enhancement requests that you file.

Thanks for the note. I will file an enhancement request then. I think
a solution along the lines of model-carrying code could be a quite
pragmatic solution to deal with user intent, as it should be trivial
to validate a policy like the one suggested by Chris (only allow apps
to write to ~/Library/Application Support/com.example.app and so on)
against a syscall model of an application.
Michael
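
The check described in the message above, sketched as an added example (not code from this thread or from Seatbelt): a model of an application's file-related calls is walked state by state and every write transition is tested against the standard-paths policy. The model format, the call names and the sample paths are assumptions constructed for illustration; paths selected by the user in an open/save dialog are outside what this sketch covers.

```python
import posixpath

# Standard per-application directories under ~/Library, as named in the thread.
STANDARD_DIRS = ("Application Support", "Preferences", "Cache")
# Hypothetical vocabulary for calls that modify the file system.
WRITE_CALLS = {"open_write", "unlink", "rename", "mkdir"}

def path_allowed(path, home, bundle_id):
    """True if `path` (a file, or a directory standing for everything below it)
    lies inside one of the application's own standard locations."""
    if not path.startswith("/"):
        return False                      # relative paths cannot be judged statically
    norm = posixpath.normpath(path)       # lexical only: collapses "..", does not resolve symlinks
    for d in STANDARD_DIRS:
        base = posixpath.join(home, "Library", d) + "/"
        if norm.startswith(base):
            name = norm[len(base):].split("/", 1)[0]
            # "com.example.app" or "com.example.app.<suffix>", never "com.example.appstore"
            if name == bundle_id or name.startswith(bundle_id + "."):
                return True
    return False

def validate_model(model, home, bundle_id, start="start"):
    """Visit every state reachable from `start`; return the write transitions
    the policy does not cover (an empty list means the model is accepted)."""
    seen, todo, violations = {start}, [start], []
    while todo:
        state = todo.pop()
        for call, path, nxt in model.get(state, ()):
            if call in WRITE_CALLS and not path_allowed(path, home, bundle_id):
                violations.append((state, call, path))
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return violations

# Constructed sample model: state -> [(call, path, next_state), ...]
HOME = "/Users/alice"
LIB = HOME + "/Library"
MODEL = {
    "start": [("open_read", "/etc/hosts", "loaded")],
    "loaded": [
        ("open_write", LIB + "/Preferences/com.example.app.plist", "loaded"),
        ("open_write", LIB + "/Application Support/com.example.app/../../Preferences/com.example.other.plist", "loaded"),
        ("unlink", LIB + "/Cache/com.example.appstore", "done"),
    ],
    "orphan": [("open_write", HOME + "/Documents/notes.txt", "orphan")],  # unreachable
}

if __name__ == "__main__":
    for v in validate_model(MODEL, HOME, "com.example.app"):
        print("policy violation:", v)
```

Because the path check is purely lexical, a runtime monitor enforcing an accepted model would still have to match on resolved paths.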