sandbox

Sandbox with NSTask

北慕城南 提交于 2019-12-07 11:25:38
问题 I have sandboxing enabled and use /sbin/ping with NSTask: [task setLaunchPath:@"/sbin/ping"]; [task setArguments:[NSArray arrayWithObjects:@"-c10", iPAddress, nil]]; Everything works great and I get the expected output. I also want to use /usr/sbin/traceroute with NSTask: [task setLaunchPath:@"/usr/sbin/traceroute"]; [task setArguments:[NSArray arrayWithObject:iPAddress]]; But the task terminates with the message: NSTask: Task create for path '/usr/sbin/traceroute' failed: 22, "Invalid

Sandboxed iFrame with `target=“_blank”` doesn't open new tab or window

末鹿安然 提交于 2019-12-07 08:08:00
问题 I just created an iFrame with the sandbox attribute. Whenever I try to open a link with target="_blank" or target="_top" or when I try to use window.open() nothing happens. Here's my code: <iframe src="http://www.google.com/" sandbox="allow-top-navigation allow-same-origin allow-forms allow-scripts"> Apparently your browser doesn't support iFrames! </iframe> 回答1: Apparently Chrome allows an undocumented sandbox property called allow-popups to be set. The property is also supported in Firefox

Lua Sandbox with special functions which leak

假装没事ソ 提交于 2019-12-07 08:00:43
问题 I am trying to use How can I create a secure Lua sandbox? to build my own leaky sandbox. I am trying to create a Lua sandbox where some Lua functions can access some other Lua functions outside the sandbox. For example I want my sandbox to have a special "display" function which can call "print" but not have "print" in the sandbox too. The main problem is that I am trying to build a sandbox within an already large codebase, so I cannot nil away functions. How is this possible? The solution

Check if path under app-scoped bookmark is writable inside sandboxed app

无人久伴 提交于 2019-12-07 05:19:02
问题 I have an OS X app, which stores an app-scoped bookmark to persist access to certain directories. I am able to write to those directories without any problems, but there is a part in my code where I want to make an extra check to confirm that the path is writable and it fails. var fileManager: NSFileManager = NSFileManager.defaultManager() var baseUrl: NSURL = try! NSURL(byResolvingBookmarkData: data, …) var fileUrl: NSURL = url.URLByAppendingPathComponent("foo.txt") // Changing this order

CFMessagePort and sandboxing

Deadly 提交于 2019-12-07 04:35:21
问题 I am adapting a MacOS application to use sandboxing. It uses a helper application (an exe in the same bundle) that fails when I try calling CFMessagePortCreateRemote with a 'deny mach-lookup' message in the console. I can see the com.apple.security.temporary-exception.mach-lookup.global-name entitlement key could solve this, but it is only temporary. Is there a way to achieve a communication between two apps with a mach port in a sandboxed application? Errors: let port =

Can a sandboxed app sold on the Mac App Store access system folders?

北城余情 提交于 2019-12-07 02:49:22
问题 Is it possible for an app sold thru the Mac App Store to access system folders? I mean this: my app needs to read the contents of directories that are outside the sandbox area, lets say something like /Library/StartupItems and possibly delete a file there if the user wants. Is it possible for a sandboxed app to access system folders and delete files there? If it cannot delete, can it at least read? Do I have to enable sandbox if I want to sell on the Mac App Store? I have tried a directory at

html5 javascript- How to catch attempt to initiate navigation out of sandboxed iframe?

这一生的挚爱 提交于 2019-12-06 19:49:05
问题 I have an sandboxed iframe that doesn't allow changing location: <iframe sandbox="allow-forms allow-popups allow-pointer-lock allow-same-origin allow-scripts" class="iframe visible" src="thesource.html" width="100%" scrolling="auto" frameborder="0"></iframe> If the iframe tries to unframe itself or change location I see a blank page because the browser stops the iframe's operation. This is the log from Chrome: Unsafe JavaScript attempt to initiate navigation for frame with URL 'http://example

one project, two versions? (sandboxed and nonsandboxed version)? any easy way to maintain the code?

这一生的挚爱 提交于 2019-12-06 14:39:00
I have developed a cocoa project and right now it has two versions, both sandboxed and non-sandboxed version. there are some differences between the sandboxed and non-sandboxed version, but the majority is the same. ie. for sandboxed version I will have limited access to certain directories, and in order to access some directories like desktop I'll have to add the entitlement. for the non-sandboxed version, I'll have no limitation on the directories, also I am allowed to add the "check for update" aka sparkle framework etc. both are still in testing mode (ie. not yet submitted to the mac app

Java Applet sandbox security, local vs external access

*爱你&永不变心* 提交于 2019-12-06 12:52:36
问题 I had a bug in our (code signed) java applet "access denied (java.net.SocketPermission x.x.x.x:443 connect_resolve." We had an html "save" button that was calling (via javascript) an applet method to save a file, loaded into the applet, onto the webserver. After some extensive google research, I fixed it by wrapping our applet's save method code in doPrivileged(). Bug seems to be fixed, people are happy. I want to confirm that I completely understand the original circumstances and the

How to install a draft app on a blackberry sandboxed account

Deadly 提交于 2019-12-06 12:34:46
问题 I have uploaded an app on Blackberry World, in draft mode, added my account to the sandbox section, but how do I install the app on my device? 回答1: Those instructions are for BBOS, not BB10. For BB10, you need to turn on Development Mode on your device from the device Settings. Then open BlackBerry World, open the application menu, choose Settings > Development Mode. Enter your SKU or BlackBerry World content ID, hit Test Content. It should open to the details page of your App. (I think it
订阅 sandbox