sandbox

问题 I am trying to execute an Automator workflow from a sandboxed AppKit app. Minimal example + github repo : NSOpenPanel * panel = [NSOpenPanel openPanel]; [panel setAllowsMultipleSelection:NO]; [panel setCanChooseFiles:YES]; [panel setCanChooseDirectories:NO]; [panel setAllowedFileTypes:[NSArray arrayWithObject: @"com.apple.automator-workflow"]]; NSInteger result = [panel runModal]; if (result == NSFileHandlingPanelOKButton) { NSURL * workflow = [[panel URLs]objectAtIndex:0]; NSLog(@"selected

问题 I'm getting the System.Security.SecurityException The demand was for: <PermissionSet class="System.Security.PermissionSet" version="1" Unrestricted="true"/> when attempting to create an AppDomain with restricted permissions defined as follows: var permissionSet = new PermissionSet(PermissionState.None); permissionSet.AddPermission(new FileIOPermission(FileIOPermissionAccess.Read | FileIOPermissionAccess.PathDiscovery, System.Reflection.Assembly.GetExecutingAssembly().Location)); permissionSet

问题 I am developing a Cocoa application, and it requires 10.7+. So, I will gladly use the new shiny APIs. What I would like to do is download some MP3s and probably some XML data from our back-end server, and store it on the user's Mac. I would much like to store it within the "application.app" directory, alongside the initial resources that are bundled with the application. Can I do that? Store files within the application.app? If not, where is the preferred directory to store the additional

问题 I'm using the NSSavePanel in OS X 10.10 in a sandboxed app to let the user choose the save location of a file (pretty standard), however the app crashes when i call: NSSavePanel *panel = [NSSavePanel savePanel]; I get this in the debugger: 2014-10-14 18:22:16.019 Farm Hand[2807:942766] an error occurred while attempting to connect to listener 'com.apple.view-bridge': Connection interrupted 2014-10-14 18:22:16.020 Farm Hand[2807:942766] *** Assertion failure in +[NSXPCSharedListener

问题 I wish if someone tells me the steps required to install gloss-examples in a sandbox along with all its dependencies. Here is what I tried to do: I downloaded the gloss-examples package from hackage. When I ran the command, after changing into the ~/gloss/gloss-examples-1.9.4.1 ~/gloss/gloss-examples-1.9.4.1$cabal sandbox init it succeeded, so I issued the command ~/gloss/gloss-examples-1.9.4.1$cabal install --only-dependencies but then I got the following errors: Resolving dependencies...

问题 My app reads iTunes' XML Library file under /Users/username/Music/iTunes/iTunes Music Library.xml However, if the iTunes Library is stored on a different hard disk, so will this file. The sandbox doesn't allow me to access this file, unless the user grants it. This is done using a NSOpenPanel . However, now I'd have to ask the user for permission to access this file each time he opens up the app, which is pretty annoying. Is there a way to permanently grant access to a specific file? EDIT For

问题 Is it possible to create an environment to safely run arbitrary Python scripts under Linux? Those scripts are supposed to be received from untrusted people and may be too large to check them manually. A very brute-force solution is to create a virtual machine and restore its initial state after every launch of an untrusted script. (Too expensive.) I wonder if it's possible to restrict Python from accessing the file system and interacting with other programs and so on. 回答1: Consider using a

问题 What are the exact security implications of setting ApplicationBase of a slave sandbox domain to the same path as the hosting domain? I found MSDN guidelines that state that ApplicationBase should be different for the slave domain "If the ApplicationBase settings are the same, the partial-trust application can get the hosting application to load (as fully trusted) an exception it defines, thus exploiting it" (p. 3): http://msdn.microsoft.com/en-us/library/bb763046.aspx How exactly would this

问题 I'm using nodejs as a middle-man between a client browser and the server to handle all the requests. I'm trying to use nodejs as a filter tool and highlight (if not) all malicious scripts. But I realize that nodejs let the script to run with the current environment privilege. So, I decide to run it in a new context by installing sandbox ( npm install sandbox or git clone git://github.com/gf3/sandbox.git ). However when I run node I have this following error: TypeError: Cannot call method \

问题 This question already has answers here : Detect if JavaScript is Executing In a Sandboxed Iframe? (2 answers) Closed 4 years ago . I'm trying to detect if a page is loaded via a sandboxed iframe. Is this possible? For example,we provide custom embeddable widgets and some people think they are being smart by sandboxing them in their iframe, but this breaks certain things.. such as window.top.location Obviously, they could enable the features we need, but ideally, I should be able to just do