Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Can you update a sandboxed Mac app using Sparkle or something similar?

Tags:

For those distributing Mac apps outside the Mac App Store, how are you planning to support updating and sandboxing? I'm guessing most people's answers for the time being is that they're not, but I hope that eventually non-MAS apps could be sandboxed just like MAS apps.

To use Sparkle, your app would need network access, which could be granted, as well as the ability to overwrite itself in Applications. Currently you could do this with the com.apple.security.temporary-exception.files.absolute-path.read-write entitlement, but that's not a good solution. It will likely go away, and even if it doesn't there's little point in sandboxing an app if you're going to give it full filesystem read-write access as well as network access.

Has anyone already gone down this path and found a good solution? I ask because I try to keep my MAS build and my non-MAS build as identical as possible, and I'm currently looking at having my MAS build sandboxed and my non-MAS build not.

like image 227
c-had Avatar asked Jan 04 '12 19:01

c-had

People also ask

Does sandbox work on Mac?

Overview. The App Sandbox is an access control technology that macOS provides and enforces at the kernel level. The sandbox's primary function is to contain damage to the system and the user's data if the user executes a compromised app.

Does Apple have sandbox apps?

All third-party apps are “sandboxed,” so they are restricted from accessing files stored by other apps or from making changes to the device.

What is Apple app Sandbox?

App Sandbox is an access control technology provided in macOS, enforced at the kernel level. It is designed to contain damage to the system and the user's data if an app becomes compromised. Apps distributed through the Mac App Store must adopt App Sandbox.

2 Answers

In a conversation started by @chockenberry on twitter, @andy_matuschak responded favorably to creating an XPC service for Sparkle.

I have a pull request open on GitHub that actually creates the XPC service. Hopefully, this will get incorporated into Sparkle soon.

like image 110
wbyoung Avatar answered Sep 28 '22 01:09

wbyoung

We actually have two versions of our app: one for our own web site and one for the app store.

I recommend using Sam Deane's approach which you can find in his GitHub repository. It works well for us.

like image 39
uem Avatar answered Sep 28 '22 01:09

uem
Sign in to Comment

Related questions

What triggers a full garbage collection in Java?
What can I do about maximized, styled windows, which show their borders on adjacent monitors?
Custom search tab in Windows start menu search with C#
Concurrency is not Parallelism? [closed]
CSS3 Matrix rotation
Calculate colour temperature in K
Access violation in code that is not mine
Best way to mirror a UIWebView
Video compression on android using new MediaCodec Library
Laravel 4 Controller Templating / Blade - Correct method? [closed]
Securing Firebase: Preventing administrators from being able to see all users' data in the Forge?
Clang performance drop for specific C++ random number generation

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!