All geek questions in one place

Detect if running application is isolated

For a pid application, is there any way, programmatically, to determine if this application works in an OSX sandbox environment?

Ideally, I would like to know if there is an API somewhere, preferably in C, and not objective-C (for the daemon, therefore not using Cocoa), but if not, is there another way to check?

+4
source share
3 answers

@Linuxios was partially right because there is a call to CoreFoundation. In fact, there are several that, when combined, can be used to solve this problem and are based on calling SecStaticCodeCheckValidityWithErrors

For those who may need or need to programmatically test an application that will be isolated, you can run this blog .

In addition, the full article code has been added to Github here .

+3
source

First you must get the application path from pid, and then you can use the codesign --display --entitlements - app_path to view all rights. If the application has rights, com.apple.security.app-sandbox is set to true, then it is isolated.

You can look here .

0
source

To detect sandboxes in Flex / AIR / AS3 you can use the following kludge. The same approach should also work in objc. The only condition under which this does not work would be if the Documents folder was completely empty. Or you can use any other folder that is prohibited for the sandbox.

  var file:File = File.userDirectory; var a:Array = file.nativePath.split("/"); var userName:String = a[2]; var docFolder:File = new File("/Users/" + userName + "/Documents/"); var dirList:Array = docFolder.getDirectoryListing(); if (dirList.length>0) { docDirectoryDisplay.text = "App is NOT sandboxed."; } else { docDirectoryDisplay.text = "App is sandboxed."; }
0
source

Source: https://habr.com/ru/post/1486864/

More articles:


All Articles