Michael Tsai
@rosyna Apple’s docs says "Enable App Sandbox to Minimize Damage from Malicious Code". https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html …
-
@drewthaler@mjtsai That actually happened to Twitter for Mac OS X a few years ago due to an image parsing bug.
Rosyna Keller
Drew Thaler
@rosyna @drewthaler Even for things that would never be approved in the Mac App Store, so that every Developer ID app can be sandboxed.
-
-
@mjtsai@drewthaler That's exactly how sandboxing works today on Mac OS X. - View other replies
-
@rosyna@drewthaler And it doesn’t, AFAIK, address APIs that area available but behave differently when the app is sandboxed. -
@mjtsai@drewthaler Which such APIs do that? There is a list of "temporary extensions" that are only temp for MAS https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AppSandboxTemporaryExceptionEntitlements.html#//apple_ref/doc/uid/TP40011195-CH5-SW1 … - View other replies
-
@rosyna@drewthaler For example, -[NSWorkspace openFile:]. The rules have changed several times w/ OS versions and are not documented. -
@mjtsai@drewthaler What rules for openFile:? You just need to call startAccessingSecurityScopedResource: first to punch a hole in sandbox -
@rosyna@drewthaler No, there are cases where the document can't be opened if the app for it isn’t sandboxed, even if you punch a hole. -
@mjtsai@drewthaler Do you have an example of that? Because LaunchServices handles openFile. -
@rosyna@drewthaler Not handy. DTS eventually explained it to me; they were initially unaware, too. I fear more undocumented cases like this - Show more
-
-
-
@mjtsai@rosyna@drewthaler If such entitlements existed, a lot of Developer ID apps would be on the store. - View other replies
-
@ameaijou@rosyna@drewthaler No, I mean the entitlements should go beyond what Apple would accept in the store. -
@mjtsai@ameaijou@drewthaler There are entitlements non-MAS apps can use that MAS apps can't. -
@rosyna@ameaijou@drewthaler Yes, I’m saying there should be more. I don’t want to run into a road block *after* adopting sandboxing. -
@mjtsai@ameaijou@drewthaler But which ones are missing that you'd run into? - View other replies
-
@rosyna@ameaijou@drewthaler First issue is what’s not possible, even with non-MAS entitlements, at least in a documented/supported way.
-
Gwynne Raskind
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.