Files that are selected by the user or dragged by the user are OK with the sandbox because of the following standard exception.
key>com.apple.security.files.user-selected.read-write</key>

But when a user drags a folder to the Icon Pallet window, it creates a button that they can later right-click on to see the contents of the folder.
That folder must be scanned each time they right-click because the contents may have changed.

I think that is why I need the following exception which is being rejected
com.apple.security.temporary-exception.files.absolute-path.read-only: /

I will need to go through my code to see what is requiring that exception.
I was guessing it was fn ScanFolder but I just created a small test program and it works with FN ScanFolder.
So I need to do more digging to find out why sandboxing is failing.

This works with sandboxing so it is not the culprit...

include "Tlbx CarbonEvents.incl"
include "Tlbx MacTextEditor.incl"
include "Tlbx UTCoreTypes.incl"
include "Util_FileDirectory.incl"

window 1
text _sysFont, 13
edit field 1, "Hello, world!", (10, 10)-(110, 26 ), _statNoframed

dim myFldSpec as FSSpec
dim scanStuff As FileScanRec
dim err as OSErr
dim Index as short

err = fn FSMakeFSSpec( 0, 0,"MyDriveName:Applications", @myFldSpec)

scanStuff.ScanSpec  = myFldSpec
scanStuff.ScanIndex = Index
Index = 6

While fn ScanFolder( scanStuff ) >= 0
//FBNSLog(@"scanned folder")

long if (scanStuff.FndrFlags and _finvisible) or left$(scanStuff.ScanSpec.name,1) = "."
'don't add invisible items to the menu
xelse
INC (Index)

end if
Wend

print Index

do
HandleEvents
until ( gFBQuit )


On May 9, 2013, at 6:23 PM, Brian S <fblistserve@...> wrote:


On May 9, 2013, at 4:10 PM, Brian S <fblistserve@...> wrote:

One of the main tenets of sandboxing is all is allowed if the user navigates to the file and selects it.

Page 18 of the App Sandbox Design Guide confirms:

"When a user of your app specifies they want to use a file or a folder, the system adds the associated path to your app’s sandbox. Say, for example, a user drags the ~/Documents folder onto your app’s Dock tile (or onto your app’s Finder icon, or into an open window of your app), thereby indicating they want to use that folder. In response, the system makes the ~/Documents folder, its contents, and its subfolders available to your app."

Brian S.





--
To unsubscribe, send ANY message to: futurebasic-unsubscribe@... To access the list archives, go to: http://freegroups.net/groups/futurebasic/




Rich Love - Carnation Software
Get 'Say it & Mail it' for iPhone
http://www.SayitMailit.com

MacWise Terminal emulation for Macintosh
http://www.CarnationSoftware.com
Twitter - http://twitter.com/CarnationSW
Email - RichLove@...
512 858-9234




--
To unsubscribe, send ANY message to: futurebasic-unsubscribe@... To access the list archives, go to: http://freegroups.net/groups/futurebasic/