NSSavePanel and the Sandbox
Asked Answered
B

1

8

I have some problems understanding the new Lion's Sandbox.

I know that Lion includes a trusted daemon process called Powerbox whose job is to present and control open/save dialog boxes on behalf of sandboxed applications.

Like the Code Signing And Application Sandboxing Guide says:

Any time an application running inside a sandbox invokes an NSOpenPanel or NSSavePanel dialog, rather than showing the panels directly, AppKit automatically asks the Powerbox to present the dialog. From a developer perspective, there are no code changes required in terms of how these panels are used; this process is fully transparent.

After the user selects a set of files or directories, the Powerbox uses new functionality in the sandbox kernel module to expand the invoking application's sandbox to allow access to the selected files. By the time the application code queries the panel for the returned URLs or filenames, it already has permission to access those files, and can continue to use the files through almost any API it already uses.

Ok. I did some practical tests using this code:

NSSavePanel *savePanel = [NSSavePanel savePanel];
savePanel.delegate = self;

savePanel.directoryURL = ...;
savePanel.nameFieldStringValue = ...;

[savePanel beginSheetModalForWindow:self.window
                  completionHandler:^(NSInteger returnCode) {
/* the completion handler */
}];

The strange thing is that the NSOpenSavePanelDelegate method's, that are called BEFORE the completion handler, do not have access to files on the filesystem.

Is this correct?

But if so, the delegate's methods like panel:validateURL:error: becomes useless!

Can you help me explaining in more detail the connections between the app and Powerbox?

Backbone answered 27/7, 2011 at 12:35 Comment(4)
Why does your validateURL: method need access to the file system? The URL of the file in question is passed to the delegate method, what else do you need?Threnody
I would like to analyze, for example, if the specified URL is writable, and, if not, return NO.Backbone
Anyway, you can confirm to me that the NSOpenSavePanelDelegate's methods do not have the access to the filesystem? Only the completion handler can access to the selected file? (The official documentation is lacking, in my opinion.)Backbone
I can confirm that you don't have access to the file system in the panel:validateURL:error: delegate method. You should log a bug with Apple if you want this changed.Threnody
B
9

After contacting Apple, I can confirm what Rob Keniger wrote: NSOpenSavePanelDelegate method's don't have access to the filesystem in sandboxed applications.

Backbone answered 29/7, 2011 at 9:43 Comment(6)
Hello, I've opened a Technical Support Incident (TSI).Backbone
ah, I see. The last time I used that their response was so useless that I never used that after that. THANKS! By the way, do you know if there is any way to use [NSSavePanel savePanel] on sandboxed apps with storyboard? There is no way to make it work.Ignescent
@Backbone Did you get any useful reply to your TSI? We -- and I assume others -- have the same problem.Codon
@Backbone Could you share what the TSI outcome was? That would be awesome!Cushat
Oh, it was 7 years ago, unfortunately I have nothing more at my fingertips :)Backbone
I have filed a Radar, but not very hopeful: openradar.appspot.com/radar?id=5004220688236544Gendarmerie

© 2022 - 2024 — McMap. All rights reserved.