I'm in the process of enabling sandboxing, and the hardened runtime for my app, and I'm trying to share some files written my a group container shared by my main application, and an XPC service that it bundles.
Unfortunately, any files or directories I create in the group container have
com.apple.quarantineIt doesn't seem to matter if I use NSFileManager API to create folders/files, or use an external tool like
/usr/bin/dittoIs there any way to prevent this?
Does the quarantine attribute actually cause a problem? If so, how?
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Hi Quinn - thanks for replying!
For my use, yes, I think it does cause a problem. I'm one of the developers working on Reveal and the filesystem items I'm writing out from our sandboxed app are:
The installation via simctl works fine, but the Simulator refuses to load the app it seems because of that quarantine bit. I'm expecting I'll face similar problems when I try to dyld inject our framework into that app same app via launch args/environment variables.
At this stage, I think we'll need to offer a post-install download containing these items in order to support sandboxing.
Do you have any ideas? I'm keen to work within the rules, but I understand that my use case here isn't run-of-the-mill.
I understand that my use case here isn't run-of-the-mill.
Indeed. I don’t have any suggestions off the top of my head. If you’d like to dig into this in more depth, you should open a DTS tech support incident so that we can look at it properly (and that’s the royal we, btw, I have a colleague here in DTS who’s just as likely to take this incident as I am).
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Thanks, Quinn - I appreciate that. I've found a workaround for now, but will log a DTS incident if it becomes necessary.
Hi,
Do you mind sharing what was the workaround?
Thanks.
We chose to spin out to an external XPC service that won't be a requirement to run our app and (eventually) won't be shipped as part of the binary that users download from our website, but can be downloaded to augment the app's features/experience it if the user chooses to.
This external XPC service does not use the App Sandbox (but has a very narrowly defined and documented set of features so our users know what it's capable of doing, and actually is doing), and thus can perform limited interactions with things like simctl. You can see a similar approach with apps like Paste.app, which prompts to download a helper app when the user enables specific features in-app: http://pasteapp.me/helper
In Reveal's case, this means we'll need to ship some example documents (or the facililty to download sample documents from our website), which I think will be an improvement for our users anyway.
