stackoom
  简体   繁体   中英

App sandboxing issue with Apple Mac app store

 原文  2015-11-04 04:17:48       python/ macos/ sandbox/ code-signing/ entitlements

Question

I am creating the entitlement keys for my app's sandbox. I'm having some issues with the entitlement key com.apple.security.temporary-exception.sbpl . There are five exceptions that I need to add to this key and they are ipc-posix-sem , file-issue-extension , mach-lookup , file-write-create , and file-read-data . Because I am making this application outside of Xcode (I'm using Python), I have to manually create the entitlement file. I already 'succeeded', but Apple doesn't seem to like my formatting.

Here is the original code: 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.temporary-exception.sbpl</key>
    <string>
            (begin
                (allow ipc-posix-sem)
                (allow file-issue-extension)
                (allow mach-lookup)
                (allow file-write-create)
                (allow file-read-data))
        </string>
</dict>
</plist>

After being rejected for com.apple.security.temporary-exception.sbpl , I made the following revision: 

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.temporary-exception.sbpl</key>
    <array>
        <string>(allow ipc-posix-sem)</string>
        <string>(allow file-issue-extension)</string>
        <string>(allow mach-lookup)</string>
        <string>(allow file-write-create)</string>
        <string>(allow file-read-data)</string>
    </array>
</dict>
</plist>

My question is this: Is my new formatting the correct way of using the .sbpl entitlement? After tasting my app, it works with this new entitlement file, now all I need to know is if it is acceptable for Apple.

I found two examples of entitlement files from here and here , and I believe my file is setup appropriately after looking at them.

1 answers

solution1
 1  2015-11-04 09:04:47

I found another Sandbox entitlements file in GitHub and your formatting looks correct to my eyes.

I think another problem may be is that you need to supply arguments after commands like " mach-lookup ". I'm looking at the Apple Sandbox Guide unofficial documentation found here .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Google Play Store/Apple App Store API for app revenue Get app info with Apple Store Connect API App Sandboxing: Python wandering out of the sandbox Is it possible to deploy a Python application on the Mac App Store? Python apps in the Mac app store with TKinter Bundle wxPython App for Mac App Store without ppc code (binary) Using regex in Python to extract description of an app from Apple store html building Python py2app issue on Mac How to enable App sandbox for a python app on OSX (The python app is targeted for Mac App Store) Kivy/Pyinstaller Mac app dock icon resolution issue
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM