What is the entitlement to allow reading of file in a Mac OS X App? (deny file-read-data error)

人盡茶涼 提交于 2019-12-05 02:24:28

问题


I am making a Mac OS X App (sandboxed) which reads from an installed config file in /etc/myfolder. When I am trying to read the file using NSFileHandle, I am getting the following error in Console:

sandboxd: ([3251]) MyApp(3251) deny file-read-data /private/etc/myfolder/myconfig.conf

I have set the following entitlements in my Entitilements file, but I still get denied by sandboxd.

  • com.apple.security.temporary-exception.files.home-relative-path.read-only
  • com.apple.security.temporary-exception.files.absolute-path.read-only
  • com.apple.security.files.user-selected.read-only

EDIT: It seems that I have misused

com.apple.security.temporary-exception.files.absolute-path.read-only.

I set it as a Boolean. I was under the impression that setting it to YES will enable all file reads using absolute paths. The value of the above entitlement must be the absolute path that will be permitted.


回答1:


You need to use com.apple.security.temporary-exception.files.absolute-path.read-only and the absolute path /private/etc/myfolder/myconfig.conf - the (10.8.3) sandbox doesn't seem to accept the /etc/myfolder/myconfig.conf path containing the symbolic link.

Note: If you are sandboxing for the Mac App Store you will probably face a near impossible task getting your app accepted with a temporary entitlement to read files in /etc. You would be better off storing this file in your app's container - in the MAS every app is an island surrounded by shark infested waters.



来源:https://stackoverflow.com/questions/15894645/what-is-the-entitlement-to-allow-reading-of-file-in-a-mac-os-x-app-deny-file-r

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!