I would like to read/write to the DCIM folder.
I was able to perform this operation under 3.1.3, but it fails under 4.0. Has the actual location been moved within the iPod directory tree?
Previously it was located at:
/var/mobile/Media/DCIM
I do not have a jailbroken 4.0 machine, so I cannot find the true location of the DCIM folder.
Did apple close the exploit of being able to write to the location from any application, or did they move it to another location??
This feature was removed for security reasons.
It allowed apps to see your GPS location from photos in the folder.
To be straight, now there is virtually NO way to access the user's photos apart from the UIImagePickerController? Even if I don't want to submit an app featuring these functions to the AppStore?
I can read out all of the thumbnails on my iPhone 4, but not the DCIM...
Related
TL;DR: I have a small internal hard drive and a 2TB iCloud Drive. I want to have access to all my files (iCloud), but I don't want all of my files on my computer.
In macOS (since Sierra I believe) Apple included a features where you can have your Desktop and Documents folders synced to in iCloud Drive, and if you enable it, when your drive fills up, macOS removes local copies of those files and replace it with a little placeholder.
I'm wonder if there is a way to pick and choose what files get offloaded to iCloud this way and when. Let's say I just added a file to my Documents folder that I want to keep, but I have no intention to use it for a while, so I just want it to sync to iCloud then replace the local copy with the placeholder, instead of waiting for my drive to fill up and then have macOS auto offload files for me.
Also, it would be nice to have more than just Documents and Desktop offloadable, but I'm guessing Apple doesn't expose that much functionality in their SDK that I could write an app to do that.
I currently don't develop in any Apple approved languages (Swift & Obj-C) but if there is a way to create an app with this ability to offload files to iCloud Drive I'll deep dive into the language to scratch this itch.
Note: I know I can store any file I want in iCloud Drive by dragging a file into the iCloud Drive icon in the Finder, but to my understanding, these files require a local cache of the file and not this placeholder method that Documents and Desktop folder syncing uses. If there is a way to offload through the customer facing iCloud Drive access in the Finder I'm open to that method too.
Within macOS Catalina this can now be done by right clicking the file/folder and clicking "Remove Download"
For those who cannot upgrade to macOS Catalina, you can simply turn off the iCloud drive in system preferences and then manually upload and download your files via icloud.com. May seem a little tedious, but doing things this way is intuitive enough that you shouldn't make any mistakes moving/locating your files.
I note that other apps (testing on Android) like WhatsApp, etc have folders that contains images the user has used/downloaded. These folders (like WhatsAppImages) are visible in other apps (Gallery/File Explorers, etc) so you can use those files to share, delete, etc like any other file.
In my codenameone app I download image files but they cannot be seen anywhere on the local device. I understand that for security apps run in a sandbox and this may be why.
But how do these other apps make their downloaded files visible to the general file system and other apps ?
Many Thx
Codename One doesn't support that at this time but you can use native interfaces to add this as explained here for Android: How to save image in android gallery
and here for iOS: How can I save an image to the camera roll?
You can also file an RFE to add this either as a cn1lib or API.
I created a small application in Xcode with Cocoa Desktop and this application has to create a folder in the current user's desktop Mac OS X
When I run the application without using the app creates a sandbox folder properly on desktop
If I use the sandbox putting right files for read / write I can not create a folder on the desktop
Does anyone know how to solve this as to send the application to the AppStore is necessary to use sandbox?
You shouldn't just create a folder on the desktop, regardless of whether you are using the sandbox or not. Instead use NSOpenPanel configured to select folders and ask your user to provide you either a folder to use. That is compatible with both open and sandboxed apps.
In the sandbox world once you've asked the user for a folder you can create a security scoped bookmark and save it in your apps preferences; on subsequent runs you can use that bookmark to re-establish rights to access the folder without user intervention. E.g. a browser might ask once for access to a folder to store downloads and then save a security scoped bookmark to that folder.
HTH
For some applications it just better to use some directory as default directory (Eg. Mail and Firefox uses Downloads as default directory). I guess this is your case. But, for better user experience (and for higher chances of your App's acceptance in AppStore) follow best practices - like avoiding direct Desktop access. And, mostly you will find the answer yourself if you go through these guides:
App Sandbox Design Guide (https://developer.apple.com/library/mac/documentation/Security/Conceptual/AppSandboxDesignGuide/AboutAppSandbox/AboutAppSandbox.html)
Entitlement Key Reference (https://developer.apple.com/library/ios/DOCUMENTATION/Miscellaneous/Reference/EntitlementKeyReference/Chapters/EnablingAppSandbox.html)
I have an app which needs to preserve data between times it runs. I had been using NSUserDefaults for this, but I've had a few users point this out to me: this causes different users to end up with different data, which isn't the way the app should work. It needs a single directory that it can read/write from regardless of which user is running it.
So, I need a non-user specific directory that a sandboxed mac app can read and write to.
Thanks!
(Oh, and if this directory is persistent between updates of my app, that'd be helpful, too!)
Quick barely related question: Is there a way to have a user modifiable resource file in a Mac App Store approved app? I don't want it to be modifiable via my app; I just want to make sure that users modifying it won't cause the system to kill the app for not matching a code signature hash or something.
I don't think that you will be able to read and write in a directory outside of the App Sandbox container without prompting the user to select it using Powerbox and saving a security-scoped bookmark (see App Sandbox Container Directory). From what I've gathered about App reviews lately, you won't even be able to specify a default in the open dialog if you elect to have the user choose the directory.
As for the second question, as I understand it any verification of code signatures is left to the developer. So while MAS apps have a _CodeSignature folder containing a plist with all the hashes of the resource, in my experiments changing them had no effect on app launch.
I am wondering what limitations are imposed on the Mac app store. Can someone point me in the right direction? For instance, lets say I wanted to write an app that does incremental auto-backups of files on the Mac file system, is that possible with an app in the Mac app store, or would my only option be a standalone mac app?
On the iPhone, apps are self contained in their own "sandbox"? Does this same principal apply to mac app store apps?
Fellows, what the OP is really referring to is described here:
http://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
It is all about
Containers
Entitlements
PowerBox (daemon)
Once an application is "sandboxed" its view of the ~ "home" directory is that of a Container (which happens to be created upon first start in $HOME/Library/Containers/appBundleID/Data). Therein it finds its "private copy" of config, cache and data files. And off course it can't read anything else, unless...
... you give the application the appropriate Entitlements in the form of a codesign-ed property file (in fact, codesigning is integral part of the sandboxing concept).
One of these Entitlements is the "com.apple.security.files.user-selected.read-write" which allows the application to read and write exactly those files which the user has explicitly chosen via the standard save and open dialog respectively.
The PowerBox (pboxd) daemon then renders the appropriate file dialog in its own process space and adds the selected file paths to the list of allowed files. This is transparent to the application, that is no code changes are required - as long as the application uses the standard NSOpenPanel or NSSavePanel dialogs.
"To facilitate application sandboxing, Mac OS X v10.7 provides a trusted system daemon that is tasked with presenting open and save panels on behalf of applications running in an application sandbox. That daemon is called Powerbox (its process name is pboxd). These Powerbox-presented remote panels appear fully indistinguishable from in-process panels in terms of user experience.
Any time an application running inside a sandbox invokes an NSOpenPanel or NSSavePanel dialog, rather than showing the panels directly, AppKit automatically asks the Powerbox to present the dialog. From a developer perspective, there are no code changes required in terms of how these panels are used; this process is fully transparent." [end quote from Apple docs]
Given all that, what the OP would need (for a backup solution) are "unmediated read/writes":
"If an application chooses to derive the user's home directory in a way that bypasses Cocoa APIs (by directly invoking getpwent, for example), the application sandbox prohibits it from writing to the paths it receives (unless the application has the unmediated write entitlement, which is strongly discouraged for obvious security reasons." [end quote from Apple docs]
However the closest Entitlements which would give "free access to the file system" I could fine would be:
"
Absolute file read-only—The ability to read the files or directories at the specified absolute paths. (com.apple.security.temporary-exception.files.absolute-path.read-only)
Absolute file read/write—The ability to read or write the files or directories at the specified absolute paths. (com.apple.security.temporary-exception.files.absolute-path.read-write)
" [end quote from Apple docs]
And I am not sure whether an application could simply provide the root directory "/"
Anyway, carefully note that these entitlements are marked "temporary": Apple might remove/deprecate those entitlements at seen fit!
I believe that starting in November, Mac App Store submissions must adopt the App Sandbox. There are specific entitlements that you can request when your app is submitted to the app store, along with an explanation of why you need those entitlements. More information can be found in WWDC Session 204 video on the Developer site.
Technically, there is sandboxing on the OS X. However, applicants started manually by the user bypass those sandboxing restrictions (sometimes requiring escalation / admin verification screens).
Take a look at:
http://techjournal.318.com/security/a-brief-introduction-to-mac-os-x-sandbox-technology/
The are changing or have changed with the Lion release. Mac Store apps used to be able to do anything within the filesystem that the logged in user privs could allow but I think you are now required to use the entitlements system and hence sandbox your App.
Read this for more ideas
https://developer.apple.com/library/mac/#releasenotes/General/SubmittingToMacAppStore/_index.html#//apple_ref/doc/uid/TP40010572
This will help. Take a good look at it.
http://developer.apple.com/library/mac/#documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW16
You can currently find Hype or Pixelmator on the Mac App Store.
This proves evidently that you can save to disk and read from disk, which seems a basic feature of any serious application. Moreover, Apple is pushing developers to start using incremental auto-backups of files, it would therefore be very surprising if they forbade that in the App Store, wouldn't it?