NSSavePanel not has the User Selected File Read/Write permission in a sandbox inherit child process

I have an application running in the sandbox which launches an application bundle using NSTask.

The main app entitlements enable sandbox add the User Selected File Read/Write permission.

<dict>
	<key>com.apple.security.app-sandbox</key>
	<true/>
	<key>com.apple.security.files.user-selected.read-write</key>
	<true/>
</dict>

The child app entitlements enable sandbox and inherit.

<dict>
	<key>com.apple.security.app-sandbox</key>
	<true/>
	<key>com.apple.security.inherit</key>
	<true/>
</dict>

When invoke NSSavePanel *savePanel = [NSSavePanel savePanel] in the child process, system will throw the error.The error message prompt that missing the User Selected File Read/Write permission.

However, I have already added this permission in the main app, and I have set up the inherit in the child-process as well. The child process cannot add the User Selected File Read/Write permission again because it add sandbox and inherit in entitlements by the doc EnablingAppSandbox . It appears that the system is not inheriting this permission for the child process.

panel[60195:2499353] [OpenSavePanels] Unable to display save panel: your app is missing the User Selected File Read/Write app sandbox entitlement. Please ensure that your app's target capabilities include the proper entitlements.

And the error stack.

[miscellany] CLIENT ERROR: remote view delegate NSSavePanel lacks method which can react to the details of Error Domain=com.apple.ViewBridge Code=14 "(null)" UserInfo={com.apple.ViewBridge.error.hint=-[NSViewServiceMarshal bootstrap:withReply:] caught NSInternalInconsistencyException '+[NSOpenAndSavePanelService loadViewToService:isOpenPanel:appCentric:] : failed entitlements check' with backtrace (
    "0   CoreFoundation                      __exceptionPreprocess + 242",
    "1   libobjc.A.dylib                     objc_exception_throw + 48",
    "2   CoreFoundation                      -[NSException raise] + 9",
    "3   com.apple.appkit.xpc.openAndSavePan com.apple.appkit.xpc.openAndSavePan + 16852",
    "4   AppKit                              -[NSViewController _loadViewIfRequired] + 72",
    "5   AppKit                              __24-[NSViewController view]_block_invoke + 27",
    "6   AppKit                              NSPerformVisuallyAtomicChange + 132",
    "7   AppKit                              -[NSViewController view] + 123",
    "8   ViewBridge                          -[NSViewServiceMarshal _bootstrap:replyData:completion:] + 1826",
    "9   ViewBridge                          -[NSViewServiceMarshal bootstrap:withReply:] + 245",
    "10  CoreFoundation                      __invoking___ + 140",
    "11  CoreFoundation                      -[NSInvocation invoke] + 305",
    "12  CoreFoundation                      -[NSInvocation invokeWithTarget:] + 70",
    "13  ViewBridge                          -[NSVB_ViewServiceImplicitAnimationDecodingProxy forwardInvocation:] + 178",
    "14  CoreFoundation                      ___forwarding___ + 756",
    "15  CoreFoundation                      _CF_forwarding_prep_0 + 120",
    "16  CoreFoundation                      __invoking___ + 140",
    "17  CoreFoundation                      -[NSInvocation invoke] + 305",
    "18  CoreFoundation                      -[NSInvocation invokeWithTarget:] + 70",
    "19  ViewBridge                          -[NSVB_QueueingProxy forwardInvocation:] + 321",
    "20  CoreFoundation                      ___forwarding___ + 756",
    "21  CoreFoundation                      _CF_forwarding_prep_0 + 120",
    "22  CoreFoundation                      __invoking___ + 140",
    "23  CoreFoundation                      -[NSInvocation invoke] + 305",
    "24  CoreFoundation                      -[NSInvocation invokeWithTarget:] + 70",
    "25  CoreFoundation                      ___forwarding___ + 756",
    "26  CoreFoundation                      _CF_forwarding_prep_0 + 120",
    "27  CoreFoundation                      __invoking___ + 140",
    "28  CoreFoundation                      -[NSInvocation invoke] + 305",
    "29  ViewBridge                          __deferNSXPCInvocationOntoMainThread_block_invoke + 142",
    "30  ViewBridge                          __wrapBlockWithVoucher_block_invoke + 37",
    "31  ViewBridge                          kNotRunningOnAppKitCompatibleThread_block_invoke + 323",
    "32  CoreFoundation                      __CFRUNLOOP_IS_CALLING_OUT_TO_A_BLOCK__ + 12",
    "33  CoreFoundation                      __CFRunLoopDoBlocks + 398",
    "34  CoreFoundation                      __CFRunLoopRun + 2015",
    "35  CoreFoundation                      CFRunLoopRunSpecific + 560",
    "36  HIToolbox                           RunCurrentEventLoopInMode + 292",
    "37  HIToolbox                           ReceiveNextEventCommon + 657",
    "38  HIToolbox                           _BlockUntilNextEventMatchingListInModeWithFilter + 64",
    "39  AppKit                              _DPSNextEvent + 858",
    "40  AppKit                              -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 1214",
    "41  ViewBridge                          __77-[NSViewServiceApplication vbNextEventMatchingMask:untilDate:inMode:dequeue:]_block_invoke + 111",
    "42  ViewBridge                          -[NSViewServiceApplication _withToxicEventMonitorPerform:] + 114",
    "43  ViewBridge                          -[NSViewServiceApplication vbNextEventMatchingMask:untilDate:inMode:dequeue:] + 151",
    "44  ViewBridge                          -[NSViewServiceApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 99",
    "45  AppKit                              -[NSApplication run] + 586",
    "46  AppKit                              NSApplicationMain + 817",
    "47  libxpc.dylib                        _xpc_objc_main + 867",
    "48  libxpc.dylib                        xpc_main + 96",
    "49  ViewBridge                          xpc_connection_handler + 0",
    "50  ViewBridge                          NSViewServiceMain + 1789",
    "51  com.apple.appkit.xpc.openAndSavePan main + 178",
    "52  dyld                                start + 1903"
), com.apple.ViewBridge.error.description=NSViewBridgeErrorServiceBootstrap}
Up vote post of ms-xu Down vote post of ms-xu
480 views
Posted by
ms-xu
Reply
Add a Comment

Replies

I have an application running in the sandbox which launches an application bundle using NSTask.

I recommend against doing that. When launching a GUI app, start it as an independent thing using NSWorkspace. Running a GUI app as a child process using NSTask works in most cases, but then you run into weird issues like this one.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo

  • 1.Our architecture dictates that we must launch the application using a parent-child process.

    2."If your app employs a child process created with either the posix_spawn function or the NSTask class, you can configure the child process to inherit the sandbox of its parent. ".We have correctly inherited the sandbox according to the documentation, but the User Selected File Read/Write permission is missing. We expect the NSSavePanel work fine within the sandboxed child process.

    ms-xu
Add a Comment