My setup
macOS Big Sur
Xcode 12.5.1
With macOS sandboxing, I've enabled access to
User selected file
Download folder
Picture folder
Music folder
Movie folder
all with Read/Write permissions.
However, when I use the official file_selector and path_provider. I still cannot reference any files and folders outside of the Downloads/Music/Movies/Pictures.
I always get
OS Error: Operation not permitted, errno = 1
whenever I tried to access a directory outside of those directories mentioned above.
Expectation
I expect that by giving User selected file permission, I should be able to allow file_selector to access say user Documents/Desktop folder. Otherwise, how could the user have "selected" files if it requires separate permission from those predefined folders?
I read from native dev posts that one would need to call the native function NSOpenPanel.
Can anyone let me know how? Is it that flutter does not support such User selected File feature?
Should I resort to the platform method channel?
This sounds a bit crazy.
Solved it myself based on other answers. The gist
App Sandboxing will forbid an app to access files/folders outside of the sandbox, except for these user folders: Downloads/Movies/Music/Pictures. For instance, you won't be able to access home folder by using
path.join(path_provider.getApplicationDocumentsDirectory(), '..');
which would just give you
OS Error: Operation not permitted, errno = 1
Under Sandboxing mode, only limited locations are accessible, which must be configured within the Xcode project, either through Xcode GUI or onto the entitlement files directly.
For internal tooling or dev purposes, disable Sandboxing is good enough. The ways to disable it are
Within Xcode project Signing & Capabilities panel, click the "X" button at the right end of the App Sandbox category.
Editing the plist files DebugProfile.entitlements and Release.entitlements by setting the field
<key>com.apple.security.app-sandbox</key>
<false/>
After this, the file_selector API will be able to access files outside of the app sandbox.
Related
I'm new to MacOS app development, and just getting around to hopefully releasing an app. I have two options - the Mac App store or do it through my website.
I would have preferred to do via the App Store but realized it has a "sandbox" requirement, and I'm flummoxed on what I should do.
My app requires heavy file/folder access. Some of the basic requirements are
ability to open and save files
ability to create folders (without prompting, as part of a process run)
ability for a backend process to access those files and run on it (e.g., if I added a markdown file to the app, and then run pandoc on it)
I can live with a user giving access to a base folder (and its subfolders) as kind of the app folder and I can work inside it. But being able to invoke a command-line tool installed on the mac, to run on those files, is paramount.
Can I do this at all? Or do I need to go outside the app store? I do not need access to system files etc and my app does absolutely nothing with any file except the ones within a project folder chosen by the user.
Any pointers to more recent documentation greatly appreciated. Kind of lost.
I've been trying to write a Mac app lately, and have run into an issue. This is not overly major but it would be great to have a solution.
I have to load an image at runtime, specified by the user (so no, I cannot embed the image into the bundle as many alternatives suggest), and embed it into an NSTextView using NSAttributedText. The image loads fine from the Pictures directory (/Users/USERNAME/Pictures/IMAGE) etc, but not from the Desktop. I have checked the Capabilities tab in Xcode, and Read/Write is enabled for all of the available options:image
Using FileManager, I have determined that the file definitely exists, but is not readable. Can I set this manually in the Entitlements file?
Thanks in advance.
No, you can't. The standard desktop is not accessible out of the box if the app is sandboxed. Only the standard Downloads, Pictures, Music and Movies folder are accessible with the corresponding entitlement.
There are two options to access the other folders but in all cases the user must choose them once
Open/Save dialog for temporary access if the appropriate entitlement is set.
A security scoped bookmark for permanent access but also in this case the user must first choose the folder once via Open/Save dialog and the security scoped bookmark must be created programmatically.
We are packaging our app for drag and drop installation DMG as following:
Application Name/Application.app
Application Name/Readme
Application Name/Examples/...
Application Name/Documentation/...
And user is supposed to d&d Application Name Folder to /Applications/.
Everything is code signed including DMG.
From most information I read this should be enough to prevent app translocation happening, but for some reason it isn't for some of our Sierra users?
The solution for them would be beside d&d folder to /Applications is to do another drag & drop (move) Application.app somewhere and back to /Applications/Application Name/ or move only Application Name/Application.app overwriting /Applications/Application Name/Application.app.
Now the question is why do only some users have this issue, and shouldn't code signing dmg prevent app translocation from happening?
I verified they have selected Allow apps downloaded from Mac App Store and identified developers.
I had this same problem on my side and had to go get some help via DTS, so I thought I'd repay the favor by replying here:
To avoid translocation, it turns out that not only is the disk image DMG supposed to be signed, but the file format for the image needs to be very specific: UDRO.
You can see more information about UDRO when you look at the man page for the hdiutil command line tool.
I have made an app that displays my website from a UIWebView and it takes you to a store that you can download files. My question is that I need to download a '.zip'file from my website using the app to the IPhone. Heres is my problem. I don't want the file to goto the App's Document folder, I want it to goto a folder that is outside of my applications folder. Here is an example path I might want my file to goto EX:'var/mobile/Library/Downloads'. If there is not a way to download the files to a path outside of the app's folder, is there a way to transfer the specific file that I have downloaded from my website using the my app to another folder that is not located in my app's folders? I know this can be done because I have used apps that have done this, of course they were apps only available on Cydia. This is also an app that will be used for Jail-broken users just for your information!
Thanks for any help!
Any "regular" iphone app runs in a sandbox that prevents access to system wide directories. Practically, you only have access to the app Home Directory.
Unless you go for a jailbroken app, you have no other options than storing to the App docs folder.
Read "The Application Sandbox" and "The File System" [here] for more details1.
EDIT:
I am not an expert on cydia, but the general idea is gaining access as root and then write to where you need to. This can be done by replacing your app with a suid shell script that will in turn exec your app (which will have root privileges now and then be able to go out of the sandbox).
For more info look at this.
I need a copy of the store that is saved as Core Data sqlite file inside a test app installed on my device.
I know how to get files out of the the simulator at path: ~/Library/Application Support/iPhone Simulator/[Version]/Applications/[AppID]/Documents
...but i need get the .sqlite file from the app on the device itself.
Unless the app itself has file sharing built in, you can't access the documents folder from outside the app. It is a security precaution and part of the sandbox.
Update:
I misunderstood the context of the question. To get files off a developers iPhone, connect the device and open Xcode>Window>Organizer. Select the device in the lefthand pane. In the righthand pane will be a list of applications. Your custom apps will have an arrow next to it. Hit the arrow and you will see "Application Data" hit the down arrow icon and it will let you download the data to folder. That folder will contain the apps Document, Library and tmp folders.
I wrote an application specifically for this to distribute to my customers and testers of my applications when they have problems. iPhoneRescue is free and allows you to get at all of the backup information in your iPhone; this includes any sqlite files.
All the users have to do is find their device backup, find the application, and then save the application files or just a specific file. (This does not work if they have encrypted their backups).