File Permissions with Mac Application

Question

I am creating a mac application which encrypts a file. Now when the user is ready to open the file I have to decrypt it and pass it along to a application, let's say preview in this case.

What is the best approach to do this? Should I decrypt the file to a location and send that location to preview? Is that's the best approach can I do any file permissions to other apps or process do not access this file?

Answer 1

If you have to put a cleartext file on the file system to allow another program to read it then it may be impossible to make this 100% secure. My preference would be to avoid that if security is important. Possible alternatives are:

1. Use an encrypted interchange format that the other tool accepts. For example, Preview can read encrypted PDFs. You can use PDF Kit or the underlying Quartz 2D library to write encrypted PDFs. Note that the default encryption is 40-bit; you would probably want to increase this with kCGPDFContextEncryptionKeyLength.
2. Serve the data via localhost to the other program, e.g. a browser. You could embed a loopback web server into your application and present your data as a web page. You should disable browser caching (to keep the browser from writing cleartext) and you will need to add some form of authentication (to keep an attacker from querying for the data).

If you must put cleartext on the file system, besides restricting file permissions you can unlink the file once it has been opened by the other program. This will prevent normal methods of accessing the file and will delete it when the other program closes it. This does not, however, protect against file system access before the file is unlinked or against attacks that bypass the file system.