« Release notes for SQL… | Home | HUD Objects »

Sandboxing

Whether you app is made with Real Studio, Filemaker, Xcode or something else, you'll need to learn about sandboxing.
First you can read Apple's Documentation.
The important thing is to write an entitlement plist file. This can be a text file saved with some text editor (like BBEdit) and saved with extension .plist. Or use the Property List Editor application coming with Xcode.

An entitlement file can look like this:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
</dict>
</plist>
As you see it's simply an xml file with some special keys and values. Here we turn sandbox on and than define that we want user selected files to be read or written.

Once you have your compiled Carbon or Cocoa application and your entitlement file, you can sign your application. For that you need to name the certificate. If you are Mac Developer, you probably have already a Mac App Store 3rd party developer certificate, so you can use that one. The line goes like this:
codesign -s "certificate name" /path/to/your.app --entitlement yourfile.plist
Now you can run your app on Mac OS X 10.7 and see the sandbox: Yes in the activity monitor application.
It seems like our NSSavePanelMBS class works just fine in sandboxed application. Or do you see an issue?
02 10 11 - 10:14