Delete file from bundle after install

About

Asked 9/4, 2013 at 18:8 Answered 9/4, 2013 at 18:52

I realize that you can't delete an item from the iOS bundle since it's signed, but is there a way to include a file and have it not be part of the "signed" bundle, but still present on install?

Use case is basically install the app, read the contents of the file, store in the keychain, then delete the file.

Thanks for any help and guidance.

Of note -> The app can't access the internet to fetch this file. And being able to delete the file (or wipe the file's contents) after reading it once is all I really need. Also, we're ad-hoc distribution here, we don't go through any App Approval process.

Madgemadhouse answered 9/4, 2013 at 18:8 Comment(5)

Don't think you can delete a file from the bundle... Have you considered setting up some sort of server for your app to retrieve the contents of a file? – Flexion 9/4, 2013 at 18:11

The application bundle is read-only for the application on the device. So you cannot delete a file from your bundle, be it signed or unsigned. – Permanence 9/4, 2013 at 18:13

Unfortunately, we can't fetch a file remotely due to "business contraints" which is a crap excuse, but the only answer I have. And @MartinR good point. Didn't really consider that part. I guess, is there any way to pre-populate the docs folder with a file? – Madgemadhouse 9/4, 2013 at 18:18

@Breland: The usual way is to copy a file from the app bundle to the docs folder if it does not yet exist. – Permanence 9/4, 2013 at 18:21

If you provide more details, your "business constraints", you might get a detailed solution. Why do you need to delete anything from the bundle? Anything in the bundle goes through the app approval process and everybody who downloads the app gets it. – Royceroyd 9/4, 2013 at 18:34

The short answer is No. The app bundle is read only.

As others have pointed out, the usual solution for delivering data in the bundle that needs to be editable is to copy data from the application bundle to the documents (or other app folder) so that you have an editable copy. However, you still cannot delete anything from the bundle.

Since your project has restrictions where you cannot transmit the data through the Internet, and you are delivering the application via Ad-Hoc distribution, it seems like your primary concern is that the delivered file cannot be accessible, even on a jail broken device.

Since you cannot delete the file to make it unreadable, your next best bet is to encrypt the file to make it unreadable. Your app could decrypt the contents, use it, and dispose of the decrypted version. Of course, this is still not bulletproof, since decryption requires a key which you must protect, but it's about as bulletproof as you're going to get.

Royceroyd answered 9/4, 2013 at 18:52 Comment(2)

Best solution so far, I guess, then, best way to get the key to the device "safely"? – Madgemadhouse 9/4, 2013 at 18:55

Derive the key, like use the CRC-32 checksum of one of the files in the app, hashed with some other value, so the key isn't stored in the compiled code, but instead, they'd have to trace through the program to see how you're deriving the key. You could make it time limited by factoring in the time, but you'd add the requirement that the user's device's time must be accurate. – Royceroyd 9/4, 2013 at 19:4

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags