Lion problem report and fix

J. Landman Gay jacque at hyperactivesw.com
Fri Jul 22 01:32:55 EDT 2011


On 7/21/11 11:07 PM, Ken Ray wrote:
> Personally I think we may be jumping the gun on assuming Apple's
> intentions based on enhanced security on the /Library/Application
> Support folder.

I've been working my way through the Ars Technica article that was 
linked here. The Sandboxing section describes how Lion apps must save files:

***
A sandboxed application must now include a list of "entitlements" 
describing exactly what resources it needs in order to do its job. Lion 
supports about 30 different entitlements which range from basic things 
like the ability to create a network connection or to listen for 
incoming network connections (two separate entitlements) to 
sophisticated tasks like capturing video or still images from a built-in 
camera.
It might seem like any nontrivial document-based Mac application will, 
at the very least, need to declare an entitlement that will allow it to 
both read from and write to any directory owned by the current user. 
After all, how else would the user open and save documents? And if 
that's the case, wouldn't that entirely defeat the purpose of sandboxing?
Apple has chosen to solve this problem by providing heightened 
permissions to a particular class of actions: those explicitly initiated 
by the user. Lion includes a trusted daemon process called Powerbox 
whose job is to present and control open/save dialog boxes on behalf of 
sandboxed applications. After the user selects a file or directory into 
which a file should be saved, Powerbox pokes a hole in the application 
sandbox that allows it to perform the specific action.
A similar mechanism is used to allow access to recently opened files in 
the "Open Recent" menu, to restore previously open documents when an 
application is relaunched, to handle drag and drop, and so on. The goal 
is to prevent applications from having to request entitlements that 
allow them to read and write arbitrary files.
***

It only talks about saving to the user folder, but maybe the app can 
request specific permissions/authority from the OS to write to protected 
locations too. If so, and if the standalone builder can be updated to 
include that request, things could work as before.

-- 
Jacqueline Landman Gay         |     jacque at hyperactivesw.com
HyperActive Software           |     http://www.hyperactivesw.com
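As an added illustration of the entitlements mechanism the Ars Technica excerpt describes (this is not part of the original message, nor anything LiveCode's standalone builder produces): a minimal Lion App Sandbox entitlements property list. The keys are Apple's documented entitlement keys; which ones are switched on is a choice made here for the example.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <!-- Turns the App Sandbox on; without this key the others have no effect. -->
    <key>com.apple.security.app-sandbox</key>
    <true/>

    <!-- Outgoing network connections only. Listening for incoming connections
         is the separate key com.apple.security.network.server, which this
         example deliberately does not declare (the "two separate entitlements"
         the article mentions). -->
    <key>com.apple.security.network.client</key>
    <true/>

    <!-- Read/write access only to the files and folders the user picks in the
         Powerbox-controlled Open/Save dialogs, drags onto the app, or reopens
         from "Open Recent"; not a blanket grant over the home folder. -->
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
</dict>
</plist>
```

The entitlements are sealed into the code signature, so the practical check is to read back what a signed bundle actually declares rather than trusting the build settings: `codesign -d --entitlements :- /path/to/Example.app` prints the embedded plist. Note that none of the standard file entitlements covers arbitrary paths such as /Library/Application Support; writing there from inside the sandbox requires one of Apple's "temporary-exception" entitlements, which is exactly the kind of request the message above is wondering about.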