 

Can a sandboxed app sold on the Mac App Store access system folders?

Is it possible for an app sold through the Mac App Store to access system folders?

I mean this: my app needs to read the contents of directories that are outside the sandbox area, let's say something like /Library/StartupItems, and possibly delete a file there if the user wants.

Is it possible for a sandboxed app to access system folders and delete files there? If it cannot delete, can it at least read?

Do I have to enable sandbox if I want to sell on the Mac App Store?

I have tried a directory at random doing this:

  #import <Foundation/Foundation.h>
  NSError *error = nil;
  NSString *path = @"/Library/StartupItems";
  NSArray *dirFiles = [[NSFileManager defaultManager] contentsOfDirectoryAtPath:path error:&error];

and I can get the directory listing. How can I be reading that if the app is marked as sandboxed? I don't get it.

Duck asked Jul 06 '14 10:07



1 Answer

No, OS X Applications sold through the Mac App Store cannot access resources in the way you've described. It's also required that all apps are sandboxed and codesigned with a valid Mac Developer Program Certificate.

As for being able to read /Library/StartupItems (which is deprecated) when your app is marked as "sandboxed"; it's not just a matter of having the option checked. You also have to ensure “Use Entitlements file” is selected and the application is properly codesigned. Once you've done that you can check to verify it's properly sandboxed in Terminal by using:

codesign -dvvv --entitlements :- Some.app/Contents/MacOS/Executable

In addition, there are certain directories where files that are "world readable" can be read:

/bin
/sbin
/usr/bin
/usr/lib
/usr/sbin
/usr/share
/System

In order to allow an OS X application to interact with the file system like your (earlier) example the application would need to use elevated privileges typically using Authorization Services — which App Sandbox disallows. Take a look at the section titled "Determine Whether Your App Is Suitable for Sandboxing", and it should answer any other concerns you might have.

Sandboxing is good in a lot of ways, but also very restrictive at the same time. If your app needs to do things that are not within the scope of what is allowable, you can choose to not sell through the Mac App Store and not use Sandboxing. Some developers also create two different versions of their app (Mac App Store version and non-Mac App Store). If your app relies on going outside its container for much of anything, you'll definitely want to consider/weigh the pros and cons of Sandboxing.

  • App Sandbox Guide
  • File System Programming Guide
  • Authorization Services C Reference
l'L'l answered Oct 01 '22 19:10
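The answer's point is that reading /Library/StartupItems succeeding is a sign the sandbox entitlement is not actually applied to the signed binary, and that the codesign command above is how to check. The script below is an added example (not part of the original question or answer) that audits the entitlements plist that command prints: it reports whether com.apple.security.app-sandbox is set to true and lists the entitlement keys that widen file-system access beyond the container (the real App Sandbox file-access and temporary-exception keys; the list is illustrative, not exhaustive). The two embedded plists are constructed samples, one sandboxed with an absolute-path exception and one with no entitlements at all, which is the situation the question describes.

```python
"""Audit App Sandbox entitlements exported with:
    codesign -d --entitlements :- Some.app/Contents/MacOS/Executable
(the leading ':' strips the blob header so plain XML remains; on recent
macOS the output may be DER-encoded unless --xml is also passed).
Added example, not code from the original page."""
import plistlib
import sys
from typing import Any, Dict

SANDBOX_KEY = "com.apple.security.app-sandbox"

# Real App Sandbox entitlements that grant access outside the container.
# Illustrative subset, not an exhaustive list.
FILE_ACCESS_KEYS = (
    "com.apple.security.files.user-selected.read-only",
    "com.apple.security.files.user-selected.read-write",
    "com.apple.security.files.downloads.read-only",
    "com.apple.security.files.downloads.read-write",
    "com.apple.security.files.bookmarks.app-scope",
    "com.apple.security.temporary-exception.files.absolute-path.read-only",
    "com.apple.security.temporary-exception.files.absolute-path.read-write",
    "com.apple.security.temporary-exception.files.home-relative-path.read-only",
    "com.apple.security.temporary-exception.files.home-relative-path.read-write",
)
TEMP_EXCEPTION_PREFIX = "com.apple.security.temporary-exception."

# Constructed sample: sandboxed, with a read-only exception for one system path.
SAMPLE_SANDBOXED = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.files.user-selected.read-write</key><true/>
  <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key>
  <array><string>/Library/StartupItems</string></array>
</dict></plist>"""

# Constructed sample: "Use Entitlements file" was never applied, so the
# signature carries no entitlements and the kernel enforces no sandbox.
SAMPLE_UNSANDBOXED = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict/></plist>"""


def audit_entitlements(plist_bytes: bytes) -> Dict[str, Any]:
    """Parse an entitlements plist and summarise its sandbox posture."""
    ents = plistlib.loads(plist_bytes)
    if not isinstance(ents, dict):
        raise ValueError("entitlements plist must have a dictionary root")
    # Only a literal boolean true turns the sandbox on; a missing key or
    # <false/> leaves the process running unsandboxed.
    sandboxed = ents.get(SANDBOX_KEY) is True
    file_access = {k: ents[k] for k in FILE_ACCESS_KEYS if k in ents}
    temporary_exceptions = [k for k in ents if k.startswith(TEMP_EXCEPTION_PREFIX)]
    return {
        "sandboxed": sandboxed,
        "file_access": file_access,
        "temporary_exceptions": temporary_exceptions,
        "all_keys": sorted(ents),
    }


def format_report(result: Dict[str, Any]) -> str:
    """Render the audit as the text a reviewer would paste into a ticket."""
    lines = ["App Sandbox enabled: %s" % ("yes" if result["sandboxed"] else "NO")]
    if not result["file_access"]:
        lines.append("File-system entitlements beyond the container: none")
    for key, value in result["file_access"].items():
        lines.append("  %s = %r" % (key, value))
    for key in result["temporary_exceptions"]:
        # Temporary exceptions are reviewed case by case by App Review.
        lines.append("  temporary exception present: %s" % key)
    return "\n".join(lines)


def main() -> None:
    """Read a plist file (argument) or stdin; default to the built-in samples."""
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
        print(format_report(audit_entitlements(data)))
        return
    for label, sample in (("sandboxed sample", SAMPLE_SANDBOXED),
                          ("unsandboxed sample", SAMPLE_UNSANDBOXED)):
        print("== %s ==" % label)
        print(format_report(audit_entitlements(sample)))


if __name__ == "__main__":
    main()
```

Usage: `codesign -d --entitlements :- Some.app/Contents/MacOS/Executable > ents.plist && python3 audit_entitlements.py ents.plist`. If the report says the sandbox is not enabled, the behaviour in the question (a directory listing of /Library/StartupItems succeeding) is exactly what to expect; the checkbox in Xcode alone does not put the process in the sandbox until the entitlement is embedded in a valid signature.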