Re: [sqlite] sqlite and Mac App Store sandbox

[Simon Slavin]

On 18 Mar 2013, at 7:02pm, Marco Bambini  wrote:

> The main issue is that sqlite uses temporary files (next to the database 
> file) to store wal, shm or journal information.
> 
> Apple simply does not grant read/write privileges on non user specifically 
> selected files… so there is no way for sqlite to create temporary information.
> A solution could be to just set journal_mode to MEMORY but database got 
> corrupted in case of crash or power off and does not seem a very good 
> solution.
> Another solution could be to have the ability to specify a directory for all 
> these files… but there could be a lot of side effect.

That last option of yours is the one which seems likely to be most useful.  
Under iOS and sandboxed apps each user and each app does have its own place 
here where private files or folders can be safely stored.  The operating system 
does supply a call which returns the path to this folder.  So it seems like 
simple tests ("Am I running under MacOS ?  Then use this call to return the 
path for temp files.") are the way to go.  One way to find these useful 
directories is to use the '$' variables listed at the end of this page:



You can implement this yourself for an existing SQLite version using this call:



but it may be possible to build this behaviour into SQLite so if you do not 
call that function SQLite still automatically does The Right Thing under iOS 
and OS X.  That's something for the SQLite development team to pick over.

An alternative to what's written above is to create a convention that all 
SQLite-using sandboxed apps will share joint rights to an "App group container 
directory", which would be used for all SQLite temporary files.  This is done 
by specifying the app group and its directory in the settings for the sandboxed 
apps and the SQLite team would have to develop a standard for that, probably as 
a short page on the SQLite web server with a few lines of code and screenshots 
on it.  Some of what's needed is described here:



For those of you not familiar with Mac OS X having trouble understanding this 
/you are not stupid/.  These things are fiddly and annoying aspects of OS X and 
are described only in terms of other OS X terms.  Even experienced Mac users 
hate them.  So if you read that document and don't understand it, it just means 
you're not a genius.

Simon.
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

Re: [sqlite] sqlite and Mac App Store sandbox

[Petite Abeille]

On Mar 18, 2013, at 8:02 PM, Marco Bambini  wrote:

> Anyone have another solution?

You may have better luck at  .

In the meantime:

http://developer.apple.com/library/mac/#documentation/Security/Conceptual/AppSandboxDesignGuide/MigratingALegacyApp/MigratingAnAppToASandbox.html
___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users

[sqlite] sqlite and Mac App Store sandbox

[Marco Bambini]

Seems like new sqlite based applications will have a lot of troubles to be 
accepted in the Mac App Store thanks to strictly sandbox policies.
The main issue is that sqlite uses temporary files (next to the database file) 
to store wal, shm or journal information.

Apple simply does not grant read/write privileges on non user specifically 
selected files… so there is no way for sqlite to create temporary information.
A solution could be to just set journal_mode to MEMORY but database got 
corrupted in case of crash or power off and does not seem a very good solution.
Another solution could be to have the ability to specify a directory for all 
these files… but there could be a lot of side effect.

Please note that I also tried to set the
com.apple.security.temporary-exception.files.home-relative-path.read-write to 
all user's home folder
but Apple rejects all these settings.

Anyone have another solution?
Any help?
--
Marco Bambini
http://www.sqlabs.com
http://twitter.com/sqlabs
http://instagram.com/sqlabs



___
sqlite-users mailing list
sqlite-users@sqlite.org
http://sqlite.org:8080/cgi-bin/mailman/listinfo/sqlite-users