On Jun 24, 2013, at 2:00 AM, Pax <45rpmli...@googlemail.com> wrote: > I can't see how it breaches the sandbox to load plugins from anywhere - no > files are being modified (just code loaded from the plugin), and the plugin > is subject to my application's sandbox privileges (and thus unable to do > anything bad). Surely, therefore, an application should be able to load a > plugin from anywhere?
A sandboxed application isn't allowed to read any user data from outside the sandbox without additional entitlements or user confirmation. It would be hard for the sandbox enforcer to distinguish "reading a plugin from ~/Library" from "reading the user's address book from ~/Library", and the latter is one of the threats that the sandbox is supposed to stop. -- Greg Parker gpar...@apple.com Runtime Wrangler _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com