General:
DevForums tag: App Sandbox
App Sandbox documentation
App Sandbox Design Guide documentation — This is no longer available from Apple. There’s still some info in there that isn’t covered by the current docs but, with the latest updates, it’s pretty minimal (r. 110052019). Still, if you’re curious, you can consult an old copy [1].
App Sandbox Temporary Exception Entitlements archived documentation — To better understand the role of temporary exception entitlements, see this post.
Embedding a Command-Line Tool in a Sandboxed App documentation
Discovering and diagnosing App Sandbox violations (replaces the Viewing Sandbox Violation Reports DevForums post)
Resolving App Sandbox Inheritance Problems DevForums post
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] For example, this one archived by the Wayback Machine.
App Sandbox
RSS for tagApp Sandbox is a macOS access control technology designed to contain damage to the system and user data if an app becomes compromised.
Posts under App Sandbox tag
116 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
I am developing a macOS app that requires the ability to create new files in the same directory as a user-selected file, but I am encountering permission issues due to the App Sandbox restrictions. While the user can select a file (e.g., a.jpg) using a standard open panel, I cannot create an adjacent file (e.g., a.jxl) in the same folder because the sandbox only grants access to the selected file, not to other files in the directory.
I understand that full disk access might be an option, but it requires user intervention and isn't suitable for this case. Is there any way to extend access to other files in the directory (including those not selected by the user) while remaining within the App Sandbox environment?
Hi, this is my app:
https://macsyzones.com
Here, a video that demonstrates my app:
https://www.youtube.com/watch?v=0jNx3ZUD8Rw
It's a very cute window management app with unique features. It needs Accessibility Permission but App Store requires App Sandbox enabled which makes to request Accessibility Permission impossible.
How can I submit my app without App Sandbox enabled to Apple?
Apple can review the code and build it themselves? There are apps that uses Accessibility Permissions on App Store as I can see. Hope you help to have my app on App Store, it will be very good. 😇
I hope you'll give my app a place on App Store. 🥳
Thank you.
Project Background:
I developed a Mac project using Electron and VSCode
Successfully uploaded the packaged pkg using Transporter,
However, I will receive an email informing me that there are some issues with the project:
ITMS-90296: App sandbox not enabled - The following executors must include the 'com. apple. security. app sandbox' entitlement with a Boolean value of true in the entitlement property list: [[com. electron. iflyrecclient. pkg/Payload/iFlytek Listen. app/Contents/MacOS/iFlytek Listen]]
ITMS-90886: 'Cannot be used with TestFlight because the signature for the bundle at' iFlytek hears. app 'is missing an application identifier but has an application identifier in the provisioning profile for the bundle.' Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight.'
Here is my packaging process:
Generate an app using the electron packager tool
Sign the app using @ electron osx sign (version 1.3.1)
After signing, use
productbuild - component Yourappname App/Applications - sign "3rd Party Mac Developer Installer: * * * * * (XXXXXXXXXX)" Yourappname. pkg
command generates pkg
PS:
For the second step, I have set sand box=true in both entitlents.plist and entitlents.macinheriting. plist. And after signing, using
codesign -dvvv -- entitiements - /path
to view the app file shows' checkbox=true ', and the [iFlytek Listen. app/Contents/MacOS/iFlytek Listen] file in the issue also exists.
Using the Suspicious Package software to view pkg also has sandbox=true.
A few months ago, I uploaded it once and the issues mentioned in the email did not appear. The only changes were the macOS system version number and the replacement of the signature with provisionprofileprovisionprofile.
I have reviewed similar issues on the Apple Developer Forums, but have not been resolved
Hello!
I encountered an issue while packaging and uploading the project to the Mac store. I received an email stating:
ITMS-90296: App Sandbox not enabled - The following executors must include the 'com. apple. security. app sandbox' entitlement with a Boolean value of true in the entitlement property list: [[com. electron. iflyrecclient. pkg/Payload/iFlytek Listen. app/Contents/MacOS/iFlytek Listen]] Refer to App Sandbox page at https://developer.apple.com/documentation/security/app_sandbox for more information on sandboxing your app.
Though you are not required to fix the following issues, we wanted to make you aware of them:
ITMS-90886: 'Cannot be used with TestFlight because the signature for the bundle at' iFlytek hears. app 'is missing an application identifier but has an application identifier in the provisioning profile for the bundle.' Bundles with application identifiers in the provisioning profile are expected to have the same identifier signed into the bundle in order to be eligible for TestFlight.'
But in my memory, the sandbox was set to true. I have also tried the methods in the forum, but they have not been resolved,I hope you can help me see what happened. Here are the specific situations I developed,
This project is built and developed using electron9;
The entire project was not developed using Xcode;
The specific process of packaging into pkg is as follows:
Step 1: Use an electron packager to package the app file
Step 2: Use electron/osx sign to sign the entire app file (with options such as entitlement and provisioning profile configured)
Step 3: Use the productbuild -- component Yourappname. app/Applications -- sign "3rd Party Mac Developer Installer: *** *** (XXXXXXXXXX)" Yourappname. pkg command to generate the pkg package
Step 4: Upload to transporter
The above operations were executed normally, and after the second step of signing, using the codesign dvvv -- entities -provided on the official website to query also showed that the sandbox was true. However, after the upload was successful, you will receive an email showing an issue, and the corresponding uploaded version cannot be found on the app connect website
Hope to receive your answer. Wishing you good health and smooth work!
PS: When generating the app, there is no sandbox related configuration in Info.Plist in the app content package. Is this normal? I checked the info.Plist of Google Chrome, Sogou Input Method and other software, and there is no sandbox configuration. Moreover, I tried manually adding it and then packaging it, but also encountered the same email problem.
When my macOS app (currently in TestFlight and set for Mac App Store distribution) tries to terminate another app, both terminate() and forceTerminate() consistently return false. However, I can retrieve a list of all running applications so some related APIs do work.
I suspect this limitation is due to sandboxing. I have three questions:
Is there any permission or entitlement I can add in Xcode to allow my app to terminate other applications?
If no such permission exists, is there a way to guide users on how to launch my app (distributed through the Mac App Store) without sandboxing? For example, could they set it up to launch as a daemon or agent?
If unsandboxing is impossible, would I need to create a separate target specifically without sandboxing? In other words, my MacOS app would communicate with my unsandboxed daemon that would do all the terminate()-ing?
Hello,
It seems that an App Store version App uses a default sandbox configuration. However, my app contains multiple binaries, and I would like to apply additional sandbox restrictions to a specific binary.
Is it possible to set different sandbox rules for different binaries within the same app?
Thank you for your help!
Hello everyone,
We develop an app called Unite (bundle ID: com.BZG.Unite), which allows users to create standalone macOS applications from websites. These user-generated apps are based on a backend browser template called DefaultApp (bundle ID: com.bzg.default.app). Here's how our setup works:
Unite and DefaultApp: Both are signed with our Developer ID and include necessary provisioning profiles and entitlements.
User-Created Apps: When a user creates an app with Unite, it generates a customized version of DefaultApp with the user's chosen name and settings. These apps are ad-hoc signed upon creation to reflect their unique identity.
Issue
Since updating to macOS 15, every time a user launches a created app, they encounter a persistent prompt asking for permission to access files outside the app's container. Granting full disk access in System Preferences suppresses the prompt, but this is not a practical solution for end-users.
Upon launching a user-created app (e.g., "ExampleTest"), the following prompt appears:
This prompt appears on every launch of the app.
Steps to Reproduce
On a Mac running macOS 15, create a new app using Unite (e.g., "ExampleTest").
Launch the newly created app.
Observe the prompt requesting access to files outside the app's container.
Close and relaunch the app; the prompt appears again.
What We Have Tried
Given that our apps use an app group (group.BZG.unite.sharedData) to share data between Unite, DefaultApp, and user-created apps, we believe this is triggering the prompt due to changes in System Integrity Protection (SIP) in macOS 15. We are further confident given that if the user does not allow access, the app does launch, but shows an error indicating that the created app was unable to access the data that is typically in the shared group.
Here’s a summary of our troubleshooting efforts:
1. Adjusting App Group Configuration
Ensured the app group name aligns with Apple's guidelines, including prefixing with the Team ID (teamid.group.BZG.unite.sharedData).
Verified that the app group is correctly declared in the com.apple.security.application-groups entitlement.
2. Provisioning Profile Creation
Generated provisioning profiles via Xcode and the Developer Console, ensuring the app group entitlement is included.
Applied the provisioning profile to the user-created app during code signing.
Despite these efforts, the issue continues.
3. Entitlements and Code Signing
Created an entitlements file for the user-created app, mirroring the entitlements from DefaultApp, including:
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "https://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.application-identifier</key>
<string>id.com.BZG.ExampleTest</string>
<key>com.apple.developer.team-identifier</key>
<string>id</string>
<key>com.apple.security.application-groups</key>
<array>
<string>id.group.BZG.unite.sharedData</string>
</array>
<key>com.apple.security.app-sandbox</key>
<true/>
</dict>
</plist>
Signed the user-created app with our Developer ID and the provisioning profile
Verified the entitlements
4. Reviewing System Logs
Observed error messages indicating unsatisfied entitlements:
message: com.BZG.ExampleTest: Unsatisfied entitlements: com.apple.security.application-groups
**5. Consulting Documentation and WWDC Sessions
**
Referenced post on App Groups in macOS vs iOS.
Reviewed the macOS 15 Release Notes regarding SIP and app group container protection.
Watched WWDC 2024 Session 10123: What's new in privacy, starting at 12:23.
Questions
Is there a way to authorize the com.apple.security.application-groups entitlement in the provisioning profile for ad-hoc signed apps?
Given the SIP changes in macOS 15, how can we enable our ad-hoc signed, user-generated apps to access the app group container without triggering the persistent prompt?
Are there alternative approaches to sharing data between the main app and user-generated apps that comply with macOS 15's SIP requirements?
Is there anything to try that we're missing here to solve this?
Any guidance on how to resolve this issue or workarounds to allow app group access without triggering the prompt would be greatly appreciated.
Thank you for your assistance!
I have existing macOS application(pkg distribution) and now I need to release App Store version
I need to move all files from "Documents/My App" to app container
however container migration doesn't work in some cases
I've tested TestFlight build:
migration works fine if Mac uses Local Documents folder
migration doesn't work if Mac uses iCloud Documents and Desktop folders
Is there some way to fix this?
container-migration.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Move</key>
<array>
<string>${Documents}/My App</string>
</array>
</dict>
</plist>
Hi,
I have recently encountered an app with some odd behaviour and wanted to clarify some details about the way sandboxing works with iOS apps installed on a Mac. I am unsure whether this is due to a misunderstanding of system behaviour or whether this is a bug.
The app was installed from the Mac App Store, designed for iPad.
The developer of the app informed me that in lieu of a sign-in process, the app tries to persistently store a UUID of the user on the device so that when the app is deleted and reinstalled, the user is automatically logged in again.
The developer says that two mechanisms are being used: 1) NSUserDefaults (via Flutter shared prefs) and 2) identifierForVendor.
In the case of 1), my understanding is that these are managed by cfprefsd. Using the 'defaults domain' command, the domain of the app appears. However, there are no keys or values stored. Using the 'defaults write' and 'defaults read' and 'defaults delete' commands on that bundle identifier works as expected, but since it starts out empty, it cannot be read or deleted.
Furthermore, the app's data is supposed to be sandboxed in /Library/Containers. When the app is uninstalled from Launchpad, I have confirmed that the folder is missing. When reinstalled, the app's settings and data are missing, but crucially, the cloud identifier is still persistent and is evident after 'setup'.
In the case of 2), the developer documentation states that identifierForVendor changes when all apps from a developer have been removed from a device. The app in question is the only app that was installed from this developer, so logically this identifier should have changed when the app was deleted and reinstalled.
I have confirmed that iCloud drive is not being used to store this data as there is no data in iCloud for this app.
In any case, when the app is uninstalled and reinstalled, the app automatically logs the user into the "account" it was previously logged into, along with all of that user's data in the cloud.
I have a sense that this type of persistent identifier tracking is what sandboxing was meant to address, but I am unsure why I have been unable to remove the UUID tag from my system. Any insight would be greatly appreciated!
Hello Apple Community, many thanks in advance for your help.
My macOS app embeds a Python interpreter, compiled from source, including the Python executable and its associated libraries.
The top-level app is built with Xcode 16.1 and it's written 100% in Swift6.
For test purposes we are running the app on MacOS Sequoia 15.0, 15.1 and Sonoma 14.4.
The app can be downloaded via TestFlight and Console app shows the next errors:
Crash Reports
python3.11
Application Specific Signatures:
Unable to get bundle identifier for container id python3: Unable to get bundle identifier because Info.plist from code signature information has no value for kCFBundleIdentifierKey.
tccd process error
Prompting policy for hardened runtime; service: kTCCServiceAppleEvents requires entitlement com.apple.security.automation.apple-events but it is missing for accessing={TCCDProcess: identifier=[IDENTIFIER]], pid=62822, auid=502, euid=502, binary_path=[PATH TO SAMPLEAPP]]}, requesting={TCCDProcess: identifier=com.apple.appleeventsd, pid=577, auid=55, euid=55, binary_path=/System/Library/CoreServices/appleeventsd},
The next documents were helping a lot to reach the current state althought sometimes I was not sure how to apply them in this python interpreter context:
Signing a daemon with a restricted entitlement
Embedding a command-line tool in a sandboxed app
XPC Rendezvous, com.apple.security.inherit and LaunchAgent
Placing content in a bundle
There are a lot of details that I will try to explain in the next lines.
Once archived the app, it looks like this:
SampleApp.app
SampleApp.app/Contents
SampleApp.app/Contents/Info.plist
SampleApp.app/Contents/MacOS
SampleApp.app/Contents/MacOS/SampleApp
SampleApp.app/Contents/Resources
SampleApp.app/Contents/Resources/Python.bundle
And this is how Python.bundle looks like:
Python.bundle/Contents
Python.bundle/Contents/Info.plist
Python.bundle/Contents/Resources
Python.bundle/Contents/Resources/bin
Python.bundle/Contents/Resources/bin/python3.11 <- Python executable
Python.bundle/Contents/Resources/lib
Python.bundle/Contents/Resources/lib/python3.11 <- Folder with python libraries
This is the Info.plist associated with Python.bundle:
<dict>
<key>CFBundleIdentifier</key>
<string>com.sampleapp.app.Python</string>
<key>CFBundleName</key>
<string>Python</string>
<key>CFBundleVersion</key>
<string>1.0</string>
<key>CFBundlePackageType</key>
<string>BNDL</string>
</dict>
For some reason Bundle Identifier is ignored.
Created a Python target and added to the main app, I selected the Bundle template.
In Python target I made the next customizations:
Enabled the Skip Install (SKIP_INSTALL) build setting.
Disabled the Code Signing Inject Base Entitlements
Added entitlements com.apple.security.inherit to it, with a Boolean value of true.
Tried to set
Other Code Signing Flags (OTHER_CODE_SIGN_FLAGS)
build setting to:
$(inherited) -i $(PRODUCT_BUNDLE_IDENTIFIER)
But I had to remove it because I could not get rid of this error
"-i com.sampleapp.app.Python: No such file or directory"
Created a python.plist and set it in the Packaging Build Settings section.
I set Generate Info.plist File to No
In this document:
Embedding a command-line tool in a sandboxed app
Says:
"Add the ToolX executable to that build phase, making sure Code Sign On Copy is checked."
But I could not do it to avoid duplicates, since the bundle itself contains the executable too. I'm not sure how to handle this case.
Tried to add python3.11 executable in the bundle MacOS folder, but bundle executableURL returned nil and I could not use python from the code.
This is how I get Python bundle from code:
static var pythonBundle: Bundle? {
if let bundlePath = Bundle.main.path(forResource: "Python", ofType: "bundle"),
let bundle = Bundle(path: bundlePath) {
return bundle
}
return nil
}
Created Python.entitlements with the next key-values:
<key>com.apple.security.app-sandbox</key>
<true/>
and it is used in an Archive Post-action of SampleApp, in order to sign the python executable of Python.bundle as follows:
codesign --force --options runtime --timestamp --entitlements "$ENTITLEMENTS_PATH" --sign "$DEVELOPER_ID_APPLICATION" "$ARCHIVE_PATH"
The reason of using an Archive Post-action is becauses signing from a Python.bundle Build phase was generating errors related to Sandboxing.
These are the entitlements to codesign SampleApp:
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.user-selected.read-only</key>
<true/>
<key>com.apple.security.inherit</key>
<true/>
</dict>
Most probably I was mixing concepts and it seems created some confusion.
We would really love to get some advice,
Thanks!
Context
I'm working on a Mail.app plugin. I would like to disseminate plugin via AppStore.
I'm interested in exposing a functionality to user enabling user to choose if plugin should apply to all or selected email account.
My intention is to use AppleScript to get a list of available email accounts and expose the list to the end-user via SwiftUI
Sourcing account information
Apple Script
I'm using the following AppleScript
tell application "Mail"
set accountDict to {}
repeat with acc in accounts
set accName to name of acc
set accEmails to email addresses of acc
set accountDict's end to {accName:accEmails}
end repeat
return accountDict
end tell
The above generates expected results when executed using Script Editor.
Swift Implementation
This is still incomplete but shows the overall plan.
//
// EmailAccounts.swift
import Foundation
enum EmailScriptError: Error {
case scriptExecutionError(String)
}
struct EmailAccounts {
func getAccountNames() -> [String]? {
let appleScriptSource = """
tell application "Mail"
set accountDict to {}
repeat with acc in accounts
set accName to name of acc
set accEmails to email addresses of acc
set accountDict's end to {accName:accEmails}
end repeat
return accountDict
end tell
"""
var error: NSDictionary?
var accountNames: [String] = []
// Create script object, exit if fails
guard let scriptObject = NSAppleScript(source: appleScriptSource) else {
return nil
}
// Execute script and store results, nil on error
let scriptResult = scriptObject.executeAndReturnError(&error)
if error != nil { return nil }
// Iterate over results
for index in 0...scriptResult.numberOfItems {
if let resultEntry = scriptResult.atIndex(index) {
if let resultString = resultEntry.stringValue {
// Process result handling
// accountNames.append(resultString)
}
}
}
return accountNames
}
}
Questions
Most important one, can I deploy the App on the App Store and use NSAppleScript as shown above?
If yes can I use the script in the manner shown above or will I need to store the script in User > Library > Application Scripts location and source it from there. This is outlined in the Scripting from a Sandbox article by Craig Hockenberry, which I cannot link due to being hosted within a not-permitted domain.
If yes what entitlements I need to give to the target.
I understand that I wouldn't be able to use ScriptingBridge, which feels more robust but wouldn't permit me to deploy the app on the AppStore.
My key objective is to programatically identify mail accounts available to Mail.app, if there is a wiser / easier way of doing that I would be more than receptive.
I'm trying to display my images in a tableView, I'm using NSFIleManager and NSDirectoryEnumerator to get all files in the current folder:
NSString *path = @"/Users/eagle/Documents/avatars";
NSFileManager *fileManager = NSFileManager.defaultManager;
NSDirectoryEnumerator *directoryEnum = [fileManager enumeratorAtPath:path];
NSString *file;
while (file = [directoryEnum nextObject])
{
// ...
}
the problem is that this line
file = [directoryEnum nextObject]
always returns nil, what gives?
I already made sure that this folder has no subfolders and contains only images, so what's the problem here?
Hi Apple community,
many thanks in advance for your help.
My macOS app embeds a Python interpreter, compiled from source, including the Python executable and its associated libraries.
We have tried compiling the project with Xcode 16.0 and 16.1 beta 2 over MacOS Sequoia 15.0 and 15.1
This is how the project looks like:
SampleApp.app
SampleApp.app/Contents
SampleApp.app/Contents/MacOS
SampleApp.app/Contents/MacOS/SampleApp
SampleApp.app/Contents/MacOS/bin
SampleApp.app/Contents/MacOS/bin/python3.11
SampleApp.app/Contents/Resources
SampleApp.app/Contents/Resources/lib
SampleApp.app/Contents/Resources/lib/python3.11
SampleApp.app/Contents/Resources/Info.plist
Since we want to 'initially' distribute the app directly, Python binary is signed as follows:
codesign --deep --force --options runtime --timestamp --sign "$DEVELOPER_ID_APPLICATION" "$BINARY_PATH"
App entitlements contain the next entries:
&lt;key&gt;com.apple.security.app-sandbox&lt;/key&gt;
&lt;true/&gt;
&lt;key&gt;com.apple.security.files.downloads.read-write&lt;/key&gt;
&lt;true/&gt;
&lt;key&gt;com.apple.security.files.user-selected.read-only&lt;/key&gt;
&lt;true/&gt;
&lt;key&gt;com.apple.security.files.user-selected.read-write&lt;/key&gt;
&lt;true/&gt;
&lt;key&gt;com.apple.security.network.client&lt;/key&gt;
&lt;true/&gt;
&lt;key&gt;com.apple.security.network.server&lt;/key&gt;
&lt;true/&gt;
The resulting app is signed with entitlements, notarised and stapled.
Once the app is running, we can see the next error on Console:
Prompting policy for hardened runtime; service: kTCCServiceAppleEvents requires entitlement com.apple.security.automation.apple-events but it is missing for accessing={TCCDProcess: identifier=[IDENTIFIER]], pid=58826, auid=502, euid=502, binary_path=[PATH]}, requesting={TCCDProcess: identifier=com.apple.appleeventsd, pid=824, auid=55, euid=55, binary_path=/System/Library/CoreServices/appleeventsd},
Python process is not running, we can't see any AMFI message.
Next we added to Signing and Capabilities 'Apple Events' from Hardened Runtime section.
The resulting app gets signed, notarised and stapled, but when running we get only the next errors:
error 09:42:32.787744+0200 SampleApp Can't find or decode reasons
error 09:42:32.787832+0200 SampleApp Failed to get or decode unavailable reasons
Just in case it is relevant, this is how the app interacts with Python:
process.executableURL = URL(fileURLWithPath: [PATH_TO_PYTHON_BIN])
process.environment = environment
process.arguments = arguments
process.standardOutput = pipe
try process.run()
process.waitUntilExit()
We truly appreciate any guidance, help or advice.
Thanks!!
Hello,
with macOS Sequoia I've observed a sudden, substantial surge in reports about the Mac App Store version of my app Yoink no longer accepting files dropped to it, with the following message being logged in Console.app:
08:16:05.516307+0200 Yoink ---Yoink Error--- Could not create NSURL bookmark for /Users/<redacted>/Downloads/<redacted>/<redacted>.txt
err: Error Domain=NSCocoaErrorDomain Code=256 "Failed to retrieve app-scope key" UserInfo={NSDebugDescription=Failed to retrieve app-scope key}
The code line that causes this is the following:
NSData *bmData = [fileURL bookmarkDataWithOptions:NSURLBookmarkCreationWithSecurityScope
includingResourceValuesForKeys:nil
relativeToURL:nil
error:&err];
Sometimes a relaunch of Yoink, or a restart of the Mac resolves the issue, but only temporarily. Other times, even a restart doesn't work, but running
tccutil reset All at.EternalStorms.Yoink
in Terminal and then restarting the Mac works (again, temporarily).
The trial version and Setapp versions of my app both work as expected, however.
I myself cannot reproduce this issue, so any pointers would be greatly appreciated.
(This might be considered a follow up to https://developer.apple.com/forums/thread/46583 , years back)
Thanks a ton,
– Matthias
Hi, so as I understand it is not possible to know what all possible sources of files are available on iOS using some api call (by sources I mean smb shares connected, iCloud, gdrive, etc), the only paths I can get are the app sandbox, app group container and the same on iCloud. I can get the list of mount points in macOS using getmntinfo(), app/group sandbox and apart from these whatever standard locations I have given access to to my sandboxed app. Are there other paths that I can get?
I want to know how I can determine the volume given a user picks a file using a file picker. Say, they picked 10 files from gdrive and another 5 from local storage. If I encounter some errors on the files from gdrive I want to stop working on all 10 of them but to do that I need to be able to determine that that are on this particular volume. Is there a way to do this programmatically?
Ex: gdrive on iOS : "/private/var/mobile/Containers/Shared/AppGroup/6208BBEE-24BF-4CC9-A9ED-846F987C0442/File Provider Storage/39822865/1P8WD1tWEaq81ZB_DodTTZhXm0p00QaF7/test.txt"
on MacOS:
"/Users/username/Library/CloudStorage/GoogleDrive-useremailid/My Drive"
Before updating to macOS 15 Sequoia, I used to be able to create file bookmarks with this code:
let openPanel = NSOpenPanel()
openPanel.runModal()
let url = openPanel.urls[0]
do {
let _ = try url.bookmarkData(options: [.withSecurityScope])
} catch {
print(error)
}
Now I get an error
Error Domain=NSCocoaErrorDomain Code=256 "Failed to retrieve app-scope key"
These are the entitlements:
com.apple.security.app-sandbox
com.apple.security.files.user-selected.read-write
com.apple.security.files.bookmarks.app-scope
Strangely, my own apps continued working, after updating to macOS 15 some days ago, until a few moments ago. Then it seems that all of a sudden my existing bookmarks couldn't be resolved anymore, and no new bookmarks could be created. What could be the problem?
I'm using the SwiftUI .fileImporter() modifier to present a file open panel to the user, and then I access the returned file URL using String(contentsOf:encoding:). Then I get an error, "The file “order_history.csv” couldn’t be opened because you don’t have permission to view it."
The thing is, my app (recently created in Xcode 16.1 beta from macOS template) has the User Selected File entitlement set to "Read Only." It should allow reading such a file, should it not?
I am trying to open external/mounted storage in Finder. I simply just want to show the root directory. I have tried multiple things, none worked.
NSWorkspace.shared.open()
Does work when opening the user's disk (e.g. Macintosh HD), but when comes to any of the external storages a warning appears: "The application "ABC" does not have permission to open "Folder Name".
Now, the app ha been granted all permissions in the preferences (Full Disk Access + Files and Folders). Furthermore, I don't even need or care of accessing this directory from within my app. I want the Finder to open it.
I am using com.apple.security.files.user-selected.read-only and testing on MacOS: 14.6.1
Hi,
I developed a utility app that allows monitoring system activity and usage. It is a sandboxed app distributed via the Mac App Store. Because in the sandbox I cannot fetch enough data about system activity (like processor temperature, fans, etc.), I developed a little Helper app (non-sandboxed), which currently is distributed via my website, and to enable extra features it provides, the user is asked to download and install it manually (it installs itself as a daemon).
I'm looking for ways to improve the user experience. Ideally, it would be a button inside the main app, which would download and install the helper app, without asking the user to do more than pressing a button.
As far as I understand, in the previous versions of macOS, it would be possible with privileged helpers and SMJobBless, but those are deprecated APIs now.
Another way I tried, is simply downloading the installer app from the website, but opening it programmatically from the main app is tricky since it cannot remove it from the quarantine, in other words, it fails with "operation not permitted".
Any advice is appreciated!
My app, which has been on the Mac App Store for many years, has an update being blocked by App review. The only change made is a bug fix (documented in the release notes).
First rejection:
Said I was using an entitlement I didn't need.
My response: I explained the feature that required the entitlement.
App goes back in review and gets rejected again for completely different reasons. They don't want me to write files in my App Sandbox container and instead write them in a more traditional user facing location (like in the Documents folder). They keep sending me a link to the "App Sandbox Design Guide" in the Documentation Archive (which appears to redirect to a different page?) and are quoting a section that is nowhere to be found in the link they send me (on the page I'm redirected to). I keep explaining to them that I cannot write outside my sandbox container and that this isn't my choice.
And they keep rejecting my app and sending me a broken link to the "App Sandbox design guide." It isn't my fault that I have to write to my sandboxed container by default or have a non-functioning app.
In any case, I don't understand why a bug fix update is being held up and I'm getting some vague instructions about possibly having to design some long winded explanation to the user in some ridiculously complicated onboarding process about choosing a folder in a save panel, why you have to choose the folder in the save panel (because I need your permission), OR just quit the app you just bought because it'll otherwise do nothing if you don't choose a folder in the save panel. Users got enough panels to deal with. At the very least App review shouldn't send me broken links from the Documentation Archive.
So I'm using my sandbox container by default (because by default I cannot do anything else). I've been doing this for a long time and I don't understand why it is suddenly a problem. What is my sandboxed container for if I can't write to it?
If documentation such as the "App Sandbox Design Guide" is still relevant and important why is it being archived anyway ? The link redirects I cannot find the section the reviewer is citing in the provided link.
I don't mind being asked to do something to improve the app but I've wasted a lot of time trying to satisfy app review in the past only to misinterpret what they actually are asking me to do causing more wasted time and energy and not getting a whole lot in return.
And I don't think it's fair to block a bug fix update.