Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
Re: Default directory for opening files
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Default directory for opening files

>> A sandboxed app launches with it's current directory set to the apps container directory in which the app has unrestricted access.
> This will break a lot of existing java won't it?

Yes and No. Yes if you have hard coded paths or rely on no longer accessible paths like user.home. No in that the JVM works just fine sandboxed.

> Assuming user.dir is set to point to the container directory and you do just about everything off of this instead of off the users home directory or other external paths, then you can just use this as the root for your filesystem and the restrictions shouldn't bother you a whole lot.?

That's the basic idea, yes. The only issue you may encounter is the symlinks provided in your container may not lead to accessible parts of the filesystem if you haven't enabled the appropriate entitlements. But in those cases you'll get exceptions when restricted and should be able to handle it appropriately.

> It sounds like the file system will take care of a unique user space within the container?

Correct. The container is created prior to launching the app the first time.

> Lower level api's take care of separating this out so again will not be a java app concern?

Right, this is all done at a low level so even BSD/POSIX file calls are affected.

>  Your path will go to the correct unique directory without you having to manage this other than starting with the correct 'root' directory?

There's nothing for the app to do except observe the restrictions in which it's running.

> The 'true' path is determined in lower level i/o?

The true path is still accessible as it the entire filesystem, but outside the confines of the container access is restricted by entitlements first then by file permissions and ACLs. So it's really no different in that regard, there's just an additional set of restrictions to go through.

> Am I more or less understanding this correctly?

It sounds like you have a basic understanding :)

I highly recommend getting 10.7 or 10.8 installed and playing around with it, that's really the only way you're going to know how your application will be affected.


Do not post admin requests to the list. They will be ignored.
Java-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

 >Re: Default directory for opening files (From: David Leader <email@hidden>)
 >Re: Default directory for opening files (From: David DeHaven <email@hidden>)
 >Re: Default directory for opening files (From: Michael Hall <email@hidden>)

Visit the Apple Store online or at retail locations.

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2011 Apple Inc. All rights reserved.