sandbox

Can attackers defeat iOS keychain and data-protection encryption? [closed]

a 夏天 提交于 2019-12-06 05:23:14
问题 It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 7 years ago . I am developing an iOS app that it has to store username and password and other sensitive data. I am considering using NSUserDefaults or keychain storage. Are there other more secure method to keep attackers from

Edit system preferences from cocoa

谁都会走 提交于 2019-12-06 04:08:29
Is there any way to edit system preferences programmatically using cocoa? Is there some framework required? I need to do this to change the global proxy settings. Also, my app is sandboxed. Is there any sample code on how to do this? Thanks for your help. You're looking for the System Configuration framework, but it's not going to be easy. I don't think it's possible for a sandboxed app, because it requires root privilege. (Just like you have to authenticate as an admin to modify settings in the Network pane of System Preferences.) See the System Configuration Programming Guidelines . Among

Accessibility API stops working after sandboxing

大城市里の小女人 提交于 2019-12-06 03:31:19
问题 My Mac App uses accessibility API to move an resize window (of other apps). I would like to submit my app to the MAS (Mac App Store). I have read that to submit an app to the MAS is mandatory to turn on sandboxing. When I turn on the sandboxing my code can´t find the focused window through the accessibility API (always return NULL). The question is: the accessibility API can´t be used with sandboxing? I notice that there are applications in the Mac App Store that uses accessibility API, is

Disabling std. and file I/O in Python sandbox implementation

两盒软妹~` 提交于 2019-12-06 02:33:47
问题 I'm trying to set up a Python sandbox and want to forbid access to standard and file I/O. I am running the sandbox inside of a running Python server. I've already looked at modules like RestrictedPython and PyPy ; however, I want to be able to compile the sandbox code inside of my running Python server, not through an external process. Are there any alternative ways to prevent access to commands like print , raw_input , or open ? Could the aforementioned modules be used in a way where sandbox

Looking for a locked down script interpreter [closed]

元气小坏坏 提交于 2019-12-06 02:30:50
I'm looking for a .NET library that does a specific task. Say my app has been sent a program (in some script language) and I want my app to run that script. That script could come from an openly hostile individual, but I want to run it anyway. (Like JavaScript in a browser.) var sc = new SecureScript("SomeFileFromAnUnknownPossiblyHostileSource.xyz"); /* Set some event handlers. */ sc.Run(); During the Run call, the script could construct it's own data, mess around with simple data types, do whatever it wants as long the effects are contained within it's own world. If the script attempts to

Javascript Sandbox

烂漫一生 提交于 2019-12-06 01:49:14
问题 I want to have developers write some custom apps for a site in Javascript but I want to sandbox it so they can't do anything naughty like redirect the user, set the body display to none etc etc. I have a namespace in Javascript where all the functions they'll ever need exist in there so I was thinking to create a sandbox would be a matter of: with(Namespace) { //App code goes here where they can only access Namespace.* } How is easy is it to get around this and what other methods can be done?

Using the socket module in sandboxed Pypy

亡梦爱人 提交于 2019-12-06 01:38:43
问题 I'm attempting to allow a subprocess sandboxed with Pypy to communicate, using a limited protocol, with the parent process. After reviewing the source code of the pypy/pypy/translator/sandbox/sandlib.py included with Pypy, it appears that there is a VirtualizedSocketProc that allows os.open calls to open sockets. I've changed some functionality of the code (for example, allowing TCP connections on limited ports), but very little has been changed. However, I'm unable to actually import Pypy's

Paypal Sandbox Testing - Change of URL Endpoint?

允我心安 提交于 2019-12-06 01:33:50
问题 It seems there are a lot of changes with Paypal Sandbox lately and I am stuck with my testing. Before, we only point to https://www.sandbox.paypal.com/cgi-bin/webscr for Sandbox testing as seen in the code below: <form action="https://www.sandbox.paypal.com/cgi-bin/webscr" method="post" style="padding: 0; margin: 0;"> <input type="hidden" name="cmd" value="_xclick" /> <input type="hidden" name="business" value="your bussiness id" /> <input type="hidden" name="quantity" value="1" /> <input

Launch Helper Application with Launch Arguments in the Sandbox

别说谁变了你拦得住时间么 提交于 2019-12-05 21:22:35
I'm trying to launch a helper application that is located inside my main apps's bundle directory with a launch argument while sandboxing is turned on. The helper application is launched via /usr/bin/open through NSTask or posix_spawn . While the helper is launched, it never receives any launch arguments I've sent with it. This must have something to do with the apps both being sandboxed. What's the official way to do this? 来源: https://stackoverflow.com/questions/33473610/launch-helper-application-with-launch-arguments-in-the-sandbox

技术分享 | 如何使用 dbdeployer 快速搭建 MySQL 测试环境

大憨熊 提交于 2019-12-05 20:05:01
作者:余振兴 一、工具介绍 dbdeployer 是一款十分强大的数据库测试环境部署工具,可实现一键部署不同架构、不同版本的数据库环境。 如:MySQL 主从复制、GTID 模式复制、MySQL 组复制(单主模式、多主模式等) 完整的数据库类型支持及版本,可在安装完 dbdeployer 后使用 dbdeployer admin capabilities 命令进行查看,以下是当前已支持数据库及组件类型 Oracle MySQL Percona MySQL MariaDB TiDB MySQL NDB Cluster Percona XtraDB Cluster mysql-shell 本文主要介绍基于 dbdeployer 工具快速搭建 MySQL 测试环境以及 dbdeployer 的基础使用。完整的功能特性以及使用方式可查看 dbdeployer 文档手册,dbdeployer 的文档手册十分详细的介绍了该工具特性及各类使用方式,可查看文末的相关链接。 二、工具安装 本文以 MacOS 下部署为例,Linux 平台安装部署方式基本类似( 该工具不提供 Windows 版本 ),可访问 https://github.com/datacharmer/dbdeployer/releases 获取最新版 dbdeployer 下载链接,以下内容中 shell> 表示命令行提示符 ```
订阅 sandbox