Re: Sandboxing question regarding ~/Pictures
Any chance you can create a simple case and see if it fails or succeeds? > On Sep 27, 2021, at 9:22 AM, Gabriel Zachmann via Cocoa-dev > wrote: > > Yes, my app does have that entitlement: > > com.apple.security.app-sandbox > > com.apple.security.application-groups > > V362FCBY2W.de.zach.ArtSaverGroup > > com.apple.security.assets.pictures.read-write > > com.apple.security.files.user-selected.read-write > > com.apple.security.get-task-allow > > com.apple.security.personal-information.photos-library > > > >> On 27. Sep 2021, at 15:41, Sandy McGuffog wrote: >> >> The sandbox is an enigma wrapped in a mystery. But you might need to look at >> the the com.apple.security.assets.pictures.read-write entitlement >> > > ___ > > Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) > > Please do not post admin requests or moderator comments to the list. > Contact the moderators at cocoa-dev-admins(at)lists.apple.com > > Help/Unsubscribe/Update your Subscription: > https://lists.apple.com/mailman/options/cocoa-dev/zav%40mac.com > > This email sent to z...@mac.com ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Sandboxing question regarding ~/Pictures
Yes, my app does have that entitlement: com.apple.security.app-sandbox com.apple.security.application-groups V362FCBY2W.de.zach.ArtSaverGroup com.apple.security.assets.pictures.read-write com.apple.security.files.user-selected.read-write com.apple.security.get-task-allow com.apple.security.personal-information.photos-library > On 27. Sep 2021, at 15:41, Sandy McGuffog wrote: > > The sandbox is an enigma wrapped in a mystery. But you might need to look at > the the com.apple.security.assets.pictures.read-write entitlement > smime.p7s Description: S/MIME cryptographic signature ___ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Sandboxing question regarding ~/Pictures
The sandbox is an enigma wrapped in a mystery. But you might need to look at
the the com.apple.security.assets.pictures.read-write entitlement
> On Sep 27, 2021, at 3:30 PM, Gabriel Zachmann via Cocoa-dev
> wrote:
>
> I guess i still haven't understood something about sandboxing or entitlements.
>
> I am trying to access the user's ~/Pictures folder, and also create a
> security-scoped bookmark (SSB) for that folder.
>
> Under the target's Signing & capabilities section, File Access Type, I have
> set "Pictures Folder" to read/write.
>
> Getting the path using this
>NSURL * pic_dir = [ [NSFileManager defaultManager] URLForDirectory:
> NSPicturesDirectory
> inDomain:
> NSUserDomainMask
> appropriateForURL:
> nil create: NO error: &err];
>
> and doing a spotlight search over the folder works just fine.
>
> However, creating a SSB for pic_dir does not work.
>
> I am trying to create it like this:
>
>NSData * dir_bookmark = [dir bookmarkDataWithOptions:
> NSURLBookmarkCreationWithSecurityScope
> includingResourceValuesForKeys: nil
>relativeToURL: nil
>error: &systemError];
>
> But I get this error:
>
> Error Domain=NSCocoaErrorDomain Code=256 "Could not open() the item"
> UserInfo={NSURL=file:///Users/zach/Library/Containers/de.zach.ArtSaverApp/Data/Pictures/,
> NSDebugDescription=Could not open() the item}!
>
>
> All of this is happening under macOS 11.5.2 .
>
> Any insights will be highly appreciated.
> G.
>
> ___
>
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/mcguffogl%40gmail.com
>
> This email sent to mcguff...@gmail.com
___
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
Sandboxing question regarding ~/Pictures
I guess i still haven't understood something about sandboxing or entitlements.
I am trying to access the user's ~/Pictures folder, and also create a
security-scoped bookmark (SSB) for that folder.
Under the target's Signing & capabilities section, File Access Type, I have set
"Pictures Folder" to read/write.
Getting the path using this
NSURL * pic_dir = [ [NSFileManager defaultManager] URLForDirectory:
NSPicturesDirectory
inDomain:
NSUserDomainMask
appropriateForURL: nil
create: NO error: &err];
and doing a spotlight search over the folder works just fine.
However, creating a SSB for pic_dir does not work.
I am trying to create it like this:
NSData * dir_bookmark = [dir bookmarkDataWithOptions:
NSURLBookmarkCreationWithSecurityScope
includingResourceValuesForKeys: nil
relativeToURL: nil
error: &systemError];
But I get this error:
Error Domain=NSCocoaErrorDomain Code=256 "Could not open() the item"
UserInfo={NSURL=file:///Users/zach/Library/Containers/de.zach.ArtSaverApp/Data/Pictures/,
NSDebugDescription=Could not open() the item}!
All of this is happening under macOS 11.5.2 .
Any insights will be highly appreciated.
G.
smime.p7s
Description: S/MIME cryptographic signature
___
Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
