Where to Write Shared Application Data -Between Users in OSX

But it seems I need to get root access to write data to

/Library/Application Support/YourApp

... right?

Yes. Here’s the default permissions for the

/Library/Application Support/

$ ls -ld '/Library/Application Support/'
drwxr-xr-x  11 root  admin  352 28 Sep 05:41 /Library/Application Support/

As you can see, only

root

Can I write to

/Users/Shared/

, Does this required root privileges?

No. Here’s the default permissions for

/Users/Shared/

$ ls -ld /Users/Shared/
drwxrwxrwt  4 root  wheel  128 28 Sep 05:30 /Users/Shared/

This shows that anyone can write to the directory. It’s also marked as sticky.

Is there anything wrong in doing this?

Very likely. It really depends on what you’re writing there. The fact that any process on the system can modify this directory makes it a breeding ground for security vulnerabilities. The fact that it’s sticky helps mitigate those somewhat, but it’s still something you’d have to approach with extreme caution.

What are you planning to store there?

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I wonder if this question is premised on old fashioned macOS ideas, rather than more recent ideas introduced for the App Store and app sandboxing...

If you're developing a sandboxed application, for recent versions of macOS, you can just set up application group container directory that the system will create for you, and you can just put the shared preferences there. (Unless I'm misunderstanding the app group container documentation, and it's still a separate shared container for each user....)

If you're not developing a sandboxed application, what are you doing? :-/

Thanks for your reply;What exactly does a sandboxed application mean? I get data from the system and write data to the system ie:make permanent changes to the disk..So i guess mine is not a sandboxed application.

Thanks for your reply,Im planning to store licensing data (encrypted) in a subfolder.The software will be licensed per Mac so.. i need to write data to a globally accessible location by all users without root rights.I will be writing this data from the OSX Application.

On the other hand i guess it will be fine to ask for root access during activation.. but i dont know how to do and it seems it will be complex.

Also I dont want to ask the user for the root password everytime he/she launches the application.

Is this folder present in all version of OSX that supports SWIFT?

https://developer.apple.com/library/content/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html

Is this folder present in all version of OSX that supports SWIFT?

Yes.

/Users/Shared/

Im planning to store licensing data (encrypted) in a subfolder

The problem with using it for licence info is that everyone can write to it. Imagine if you’re app were deployed to a home Mac. A kid could accidentally delete your licence, preventing all users on the Mac from using your app.

There’s two standard approaches for this:

• Installing your licence via your installer, which lets you put it in a privileged location

• Building a licence management subsystem into your app

The latter is quite complex.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"