>> As someone with a Java app in the Mac App Store (MAS), I would like to vote >> against this change. >> >> It is still important to know the user's actual home directory >> (/Users/<username>) even if the app is running in the sandbox. Using the >> entitlement, com.apple.security.files.user-selected.read-write, we can still >> write to user selected directories (such as ~/Documents). So changing the >> user.home property to point to somewhere in the app's Container would make >> it more difficult to get the actual home directory and thus, other >> directories that the end-user is familiar with. I also think this change >> would lead to more developer confusion and make application code more >> complicated. >> >> I don't know all what the user.home property is used for in the JDK itself, >> but concerns about the MAS sandbox would be, IMHO, better handled using >> special Mac/MAS only properties, such as those setup by infinitekind's >> Appbundler fork on bitbucket: https://bitbucket.org/infinitekind/appbundler >> >> Nick > I'm sure Brent wants to do the right thing here and maybe this needs some > input from the Apple or other Mac-savvy folks as to whether sandboxed apps > are really supposed to know about the actual user's home directory. > > FWIW, the original recommendaiton to switch to NSHomeDirectory came from > Scott Kovatch when he was working on Application Bundler. It's very possible > that things have changed since then.
I haven't had a chance to look at the changes yet, so this may be a bit premature... Using NSHomeDirectory is the CORRECT behavior, whether the app is sandboxed or not (that extends to ALL apps, not just Java based). If the application needs to access Documents, Music, Movies, etc then those entitlements need to be added. Additionally, even if sandboxed an application can open documents in any folder the user has access to as long as the standard file chooser is used (which I believe we already do), the app will be granted (indirect) access to the selected file(s). -DrD-
