写入应用程序自己的捆绑软件时,“沙盒:拒绝文件写入创建" [英] 'sandboxd: deny file-write-create' when writing to app's own bundle
问题描述
我已经在Mac App Store中编写了一个程序,该程序可以显示一些图形.有时它会通过Internet更新这些信息.与大多数人一样,我现在必须对应用程序进行沙箱处理.
I've written a program in the Mac App store which displays some graphics. Occasionally it updates these off the internet. As with most folks, I'm having to Sandbox my app now.
几乎所有内容都可以正常工作,但是在更新时,它将文件保存在应用程序自己的捆绑包中,并失败,并显示"sandboxd:deny file-write-create"
Almost everything is working, but when updating it saves a file in my app's own bundle and fails with 'sandboxd: deny file-write-create'
我只是使用fopen(...,"wb")
I just use fopen(..., "wb")
传递给fopen的路径是: /Users/MyUser/Library/Developer/Xcode/DerivedData/MyApp-czuwveatgjffaggwqjdqpobjqqop/Build/Products/Debug/My.app/Contents/Resources/the_file.foo
The path passed into fopen is: /Users/MyUser/Library/Developer/Xcode/DerivedData/MyApp-czuwveatgjffaggwqjdqpobjqqop/Build/Products/Debug/My.app/Contents/Resources/the_file.foo
使用以下方式创建路径:
The path is created using:
CFBundleRef bundle = CFBundleGetMainBundle();
CFURLRef url = CFBundleCopyResourcesDirectoryURL(bundle);
CFURLGetFileSystemRepresentation(url, true, (UInt8*)buf, sizeof(buf));
我在这里做错了什么吗?我的应用程序是多平台的,因此理想情况下,我将继续使用fopen/etc.据我了解,即使被禁止在其他地方做任何事情,也应允许该应用写入其自己的捆绑软件中?
Am I doing something obviously wrong here? My app is multi-platform so ideally I'd keep using fopen/etc. As I understood, the app should be allowed to write into its own bundle, even if it is blocked from doing anything elsewhere?
谢谢!
推荐答案
OS X应用程序永远不要 写入应用程序捆绑包(即使未进行沙盒处理).在OS X中,与用户自己相比,该应用程序对文件系统的访问权限更大,并且该用户(通常)将无权修改/Applications中的任何内容.请注意,这与iOS应用程序大不相同,后者通常将其数据存储在应用程序捆绑包中.
OS X apps should never write into the app bundle (even if they aren't sandboxed). In OS X, the application doesn't have any more access to the file system than the user does on their own, and the user (generally) won't have permissions to modify anything in /Applications. Note that this is quite different from iOS apps, which normally store their data inside the app bundle.
在OS X中,应用程序数据通常存储在每个用户的库"文件夹中,具体取决于其数据类型,存储在多个子文件夹之一中.请参阅"".沙箱操作使此操作变得复杂,因为每个应用程序都有自己的确定特定于应用程序的文件的存储位置".
In OS X, application data is generally stored in each user's Library folder, in one of a number of subfolders depending on the type of data it is; see Apple's note on "The Library Directory Stores App-Specific Files" for the primary ones. Sandboxing complicates this, because each app gets its own Container inside the user's Library. Apple provides a number of methods for determining the correct location for various kinds of data; see "Determining Where to Store Your App-Specific Files".
这篇关于写入应用程序自己的捆绑软件时,“沙盒:拒绝文件写入创建"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
