Mac OS X Sandbox Apps confusion - xcode4

I am making a small App for the Mac OS X App store with xcode/cocoa that needs read only access to folders on the user's system. The user will choose the folders.
According to Apple's specs the Sandbox will only allow access to files outside of the apps sandbox if a user's chooses it.
Does this mean, that if I present the user with a folder thru the open dialog, then the app will have read access to that and all the subfolders? Or is sandboxing only for individual files.
In addition, does the user have to repeat the process every time there is a relaunch of the App?

The app will have access to all the subfolders, of the user selected folders.
You can use Security-Scoped Bookmarks.

Related

Sharing data files between users in a Universal Windows Platform application

I am about to embark on the development of a line of business application using the Universal Windows Platform (Windows 10). One of the requirements of the application is the synchronisation of data from a server to a local SQLite database; this is required because the application needs to be usable where there is no network connectivity.
It is likely that multiple (windows domain) users will be accessing the application on the same device, sometimes simply by "swapping users", other times by logging off the first user and logging on as a new user.
I realise that UWP applications are installed at a user level, however I would like to be able to share the SQLite database between these users instead of forcing each user to download their own copy of the data.
Is this possible? I am struggling to find any reference to this kind of sharing within the Microsoft documentation - but of course that documentation is new and far from complete!
I guess at the end of the day I am looking for access to a folder that is accessible by any user running that application on the same device, such as the "x:\Users\Public" folders that are available from the desktop, but without having to ask the user to provide access to that folder via any picker control - instead simply being able to "open" it.
Thanks.
In case anyone runs across this, this functionality is now available as described in this blog post:
We introduced a new storage location Windows 10, ApplicationData.SharedLocalFolder, that allows multiple users of one app to share local data. Obviously this feature is only interesting with devices that will be used by more than one person. For such scenarios, for example in educational uses, it may make sense to place any large downloads in Shared Local. The benefits will be two-fold: any user can access these files without the need to re-download them, also there will be storage space savings
Keep in mind that Shared Local is only available if the machine has the right group policy, otherwise when you call ApplicationData.Current.SharedLocalFolder you will get back a null result.
In order to enable Shared Local the machine administrator should enable the corresponding policy.
Alternatively, the administrator could create a REG_DWORD value called AllowSharedLocalAppData with a value of 1 under HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\AppModel\StateManager
Note that data store in ShareLocal will only be persisted as long as the app is installed on the device and won’t be backed up by the system.
In Solution Explorer , Right click on Package.appxmanifest then click on ViewCode , end of this file in both projects add below code :
<Extensions>
<Extension Category="windows.publisherCacheFolders">
<PublisherCacheFolders>
<Folder Name="FolderName" />
</PublisherCacheFolders>
</Extension>
</Extensions>
After that in code you can access this folder with below line of code :
StorageFolder sharedDownloadsFolder = ApplicationData.Current.GetPublisherCacheFolder("FolderName");
It`s so important that the folder you will share between two these Apps depend on same publisher info at Certificate File [ProjectName]_TemporaryKey.pfx , if this Certificate File and publisher Info of app is same in both Projects , then you can access the same SharedFolder in both application and use it for create or use dataBase file(like SQLite Database file) or other files that need to be share in both applications.

Associating a live id with a downloaded executable

I am writing a webpage that can be used to download an executable that can run on your machine and can access System Registry on user approval. The site has live id authentication before the user can download the executable to run. This executable reads system registry for a list of installed metro apps. The executable then uploads data from the scan to a database in the cloud. Is there a way for the executable to somehow get access to the live id that the user logged into the webpage with? I would like to upload the live-id + results of the scan to the database. The database will be keyed off the user's live id. We would need to assume that the user may not be logged on his local machine with the live id account.
Any help will be greatly appreciated, as would any other means to achieve this result.
I’m not really sure you can easily associate this using only .exe file. You can experiment with following options
Change your app so that it can read live ID from an xml config file and then instead having users to download only exe you get them to download exe + config in a zip file for example.
Second option is to have the user to manually enter live ID before running the app.
Another option would be to match MAC address used to access the application with MAC address used to send the results. When user logs in you store it’s MAC address somewhere and then match that with MAC address used for sending data. Not an ideal solution really but you can work on something similar in this direction.

Use of shared database in Windows 8 App

I am developing a set of apps for Windows 8 which require local data storage and I'm experiencing a trouble in accessing the data from these apps. As far as I know, each app has its own location to store its data. Is it principally possible to access one file in Windows.Storage from different apps? I am using SQLite as a database server and it is necessary to have one common database to share data between the apps.
No, the applications are sandboxed so they cannot access each other's local data storage. If you're willing to have your application initialization process ask the user where to put/find the SQLite database, then the applications could share that same file at a location on the file system that the user has selected via the File Picker.
That means, of course, that the user has to remember where the file is whenever he first launches the "second" app, since he'll need to browse to the same location where he "first" app deposited it.
If you leverage AccessCache.StorageItemAccessList, though, you can save that file location in your app's local storage, so the next time the user runs either app he doesn't have to go through the File Picker to grant permission again.

save a file on a local machine from a flex web app

is there a way to save, not save as, from an online flex app onto someone's local machine? Basically, if a user opens a file local to their machine in an online flex app, is there a way to allow them to save it locally without going through dialog boxes and picking file names?
Note: I've read that this is possible on Air, but seems unlikely in Flex - my hope is that some workaround may exist...
thx!
f
No. For security reasons, the online application does not have access to the user's harddrive. This is why the "save as" functionality has been added. It allows the user to choose to save a file.

Does Adobe Air have unconstrained file system access?

I've found several examples and documentation that show how to read and write files on the system, but all show user intervention or reading/writing files in user profile directories. There are a few things I want to do:
Monitor system and other application log files for changes, then automatically load those files when changes occur
Reload a previously open file when the application launches
Write files into a log directory, which probably will not exist in the same path as the application.
In my very quick search, it seems that there may be a security model that constrains an AIR application's access to the file system, so that files can only be read or written to directories selected by the user with the file system dialog OR files can be written within the user profile or air application directory.
Does an Adobe Air application have unconstrained access to the file system?
AIR has exactly the same access to the file system as the current User. If you are admin on your computer, AIR har full access to all files. If you are a restricted user, AIR has restricted access.
One thing to be mindful of is that if you load swf:s from the AIR app's home directory, it will be run in the Application sandbox. If you read it from outside, it will be executed within a File sandbox which is essentially the same as loading from the web.
Some comments on your list:
1 Monitor system and other application log files for changes, then automatically load those files when changes occur
As far as I know, AIR cannot monitor the file system. You will have to poll this regularly.
2 Reload a previously open file when the application launches
Save this info in a file or SQLite and check it when the app starts.
3 Write files into a log directory, which probably will not exist in the same path as the application.
The main thing to remember is to use the file path abstractions in AIR rather than OS specific paths such as c:/
I would say your answer depends on the platform. I'm sure that Adobe Air does not automatically have root access on OS X, so it would not be able to read, write and execute in cases where whatever owner started the AIR app did not have the right permissions for accessing a file. In short, you probably have the same privileges any other program running on the computer might have that was installed by the same user.
More information here:
http://help.adobe.com/en_US/AIR/1.5/devappshtml/WS5b3ccc516d4fbf351e63e3d118666ade46-7f05.html#WS5b3ccc516d4fbf351e63e3d118666ade46-7e35

Resources