Michael Tsai on Twitter: "@rosyna @drewthaler If it’s a Gatekeeper issue, it’s one that only applies when the launching process is sandboxed."

Country	Code	For customers of
United States	40404	(any)
Canada	21212	(any)
United Kingdom	86444	Vodafone, Orange, 3, O2
Brazil	40404	Nextel, TIM
Haiti	40404	Digicel, Voila
Ireland	51210	Vodafone, O2
India	53000	Bharti Airtel, Videocon, Reliance
Indonesia	89887	AXIS, 3, Telkomsel, Indosat, XL Axiata
Italy	4880804	Wind
3424486444	Vodafone
» See SMS short codes for other countries

Michael Tsai ‏@mjtsai Feb 15

@rosyna @drewthaler Even for things that would never be approved in the Mac App Store, so that every Developer ID app can be sandboxed.
Rosyna Keller ‏@rosyna Feb 15

@mjtsai @drewthaler That's exactly how sandboxing works today on Mac OS X.
Michael Tsai ‏@mjtsai Feb 16

@rosyna @drewthaler And it doesn’t, AFAIK, address APIs that area available but behave differently when the app is sandboxed.
Rosyna Keller ‏@rosyna Feb 16

@mjtsai @drewthaler Which such APIs do that? There is a list of "temporary extensions" that are only temp for MAS https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AppSandboxTemporaryExceptionEntitlements.html#//apple_ref/doc/uid/TP40011195-CH5-SW1 …
Michael Tsai ‏@mjtsai Feb 16

@rosyna @drewthaler For example, -[NSWorkspace openFile:]. The rules have changed several times w/ OS versions and are not documented.
Rosyna Keller ‏@rosyna Feb 16

@mjtsai @drewthaler What rules for openFile:? You just need to call startAccessingSecurityScopedResource: first to punch a hole in sandbox
Michael Tsai ‏@mjtsai Feb 16

@rosyna @drewthaler No, there are cases where the document can't be opened if the app for it isn’t sandboxed, even if you punch a hole.
Rosyna Keller ‏@rosyna Feb 16

@mjtsai @drewthaler Do you have an example of that? Because LaunchServices handles openFile.
Michael Tsai ‏@mjtsai Feb 16

@rosyna @drewthaler Not handy. DTS eventually explained it to me; they were initially unaware, too. I fear more undocumented cases like this
Rosyna Keller ‏@rosyna Feb 16

@mjtsai @drewthaler Because restrictions on openFile: are mostly handled by Gatekeeper, not the sandbox.

‏@mjtsai

@rosyna @drewthaler If it’s a Gatekeeper issue, it’s one that only applies when the launching process is sandboxed.

6:10 PM - 16 Feb 2016

Michael TsaiVerified account

@mjtsai

Loading seems to be taking a while.

false

Saved searches

Michael TsaiVerified account

@mjtsai

Go to a person's profile

Saved searches

Retweet this to your followers?

Saved searches

Are you sure you want to delete this Tweet?

Promote this Tweet

Block

Add a location to your Tweets

Profile summary

Your lists

Create a new list

Copy link to Tweet

Embed this Tweet

Embed this Video

Preview

Log in to Twitter

Sign up for Twitter

Not on Twitter? Sign up, tune into the things you care about, and get updates as they happen.

Two-way (sending and receiving) short codes:

Confirmation

Buy Now

Hmm... Something went wrong. Please try again.

Welcome home!

Tweets not working for you?

Say a lot with a little

Spread the word

Join the conversation

Learn the latest

Get more of what you love

Find what's happening

Never miss a Moment

Loading seems to be taking a while.

Promoted Tweet

false