How to program programatically hide file and folder from Finder

I'm developing an APP on Mac. There will be some template sensitive file be decrypte during the user using it.

I don't want my client see these files by Finder or Terminal, so I tried to mount a file system and store the decrypted folder under the filessystem, then don't return the contents of decrypted folder when filesystem call contentsOfDirectory. It works under my filesystem.

But when user directly access these files by Finder(not from my filesystem mounted path), the files are still here can be seen by the user.

Is there anyway to make my files hide from Finder? Such as Finder extension, or some special folder Mac offered to store these sensitive files?

Up vote post of Ere0n Down vote post of Ere0n
192 views
Posted by
Ere0n
Reply
Add a Comment

Accepted Reply

After several days research, finally I found a way to hide contents of the folder.

Just use the Endpoint system extension, and deny all ES_EVENT_TYPE_AUTH_READDIR when the msg->event.readdir.target->path.data is my folder path.

Although this makes it impossible for me to see these files under my filesystem, but I can still use file system API such as open(), createFile() to do some operations on the files.

Posted by
Ere0n
Up vote reply of Ere0n Down vote reply of Ere0n
Post marked as solved
Add a Comment

Replies

You can save in LibraryDirectory instead of documents : https://stackoverflow.com/questions/53388178/how-to-i-hide-specific-file-in-file-app-of-device

Or start the name with a dot, as explained here: https://developer.apple.com/library/archive/documentation/FileManagement/Conceptual/FileSystemProgrammingGuide/FileSystemOverview/FileSystemOverview.html

Posted by
Claude31
Up vote reply of Claude31 Down vote reply of Claude31

  • Thanks for your replay. But I think store file in LibraryDirectory is just suit for iOS user, but on Mac, user still can access his LibraryDirectory. I also tried start name with a dot, but when user press 'cmd+shift+.', the hidden files will be shown...

    Ere0n
Add a Comment

After several days research, finally I found a way to hide contents of the folder.

Just use the Endpoint system extension, and deny all ES_EVENT_TYPE_AUTH_READDIR when the msg->event.readdir.target->path.data is my folder path.

Although this makes it impossible for me to see these files under my filesystem, but I can still use file system API such as open(), createFile() to do some operations on the files.

Posted by
Ere0n
Up vote reply of Ere0n Down vote reply of Ere0n
Post marked as solved
Add a Comment

Hmmm, weird, I wrote a response to this yesterday but somehow failed to post it )-:

What I was going to say was that there isn’t a good way to do this. I don’t think my opinion on that has changed. Creating an ES client is a very heavy handed way of tackling this issue.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo

  • Yes, it not a good way to create ES client to just handle this issue. But maybe the only way?

    Ere0n
Add a Comment