On 10 Oct 2012, at 15:04, "Sean McBride" <s...@rogue-research.com> wrote:
> On Wed, 10 Oct 2012 09:46:15 +0100, Mike Abdullah said: > >>>> Sandboxed apps can resolve aliases and follow symlinks, but unless the >>>> destination is within their sandbox already they do not gain access to >>>> it, sadly. I recommend filing a radar requesting this. >>> >>> I will. >>> >>> Do you agree with me that pathControl:acceptDrop: should pass the >> resolved alias instead of the original? Or perhaps provide a >> setResolvesAliases: like NSOpenPanel does? >> >> I don't know really. To resolve aliases properly would require it to be >> some sort of privileged UI component like NSOpenPanel. Or Apple would >> have to add a new entitlement for this, or adjust how the sandbox works. >> They all *work*, but the first option sucks for developers making other >> similar things. > > I'm pretty sure it already is a 'privileged UI component like NSOpenPanel'. > In the early seeds of 10.7, there were all sorts of sandbox violations > related to NSPathControl trying to draw the icons of the file hierarchy, and > failing to have access to those icons. Really? Three possible conclusions come to mind: * The sandbox has been relaxed to allow fetching of icons of ancestor folders * NSPathControl is more aware of the sandbox, and doesn't try to fetch icons it doesn't have access to * NSPathControl has some special privilege which allows it to fetch icons other components can't The last one seems least likely to me since it would be a sandbox hole application-level or malicious code could exploit. Number two also seems slightly improbably to me simply because NSPathControl still has a sandbox-related bug where it no longer recognises a path stems from the user's home directory. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
