adium 5071:6fd7dfef3669: Enabled sandboxing on Adium.app.
commits at adium.im
commits at adium.im
Thu Sep 13 21:16:16 UTC 2012
details: http://hg.adium.im/adium/rev/6fd7dfef3669
revision: 5071:6fd7dfef3669
branch: Sandboxing
author: Thijs Alkemade <thijsalkemade at gmail.com>
date: Thu Sep 13 23:11:59 2012 +0200
Enabled sandboxing on Adium.app.
Entitlements are currently:
* Network server/client
* Download folder access
* Address Book access
* User selected file access
Subject: adium 5072:28860bcddc59: Fix Growl from the sandbox.
details: http://hg.adium.im/adium/rev/28860bcddc59
revision: 5072:28860bcddc59
branch: Sandboxing
author: Thijs Alkemade <thijsalkemade at gmail.com>
date: Thu Sep 13 23:13:15 2012 +0200
Fix Growl from the sandbox.
Subject: adium 5073:ef1d48be3644: I'm not even sure how to do this from within Adium, but "Save" for file transfers is not possible from the sandbox, always use "Save As".
details: http://hg.adium.im/adium/rev/ef1d48be3644
revision: 5073:ef1d48be3644
branch: Sandboxing
author: Thijs Alkemade <thijsalkemade at gmail.com>
date: Thu Sep 13 23:15:56 2012 +0200
I'm not even sure how to do this from within Adium, but "Save" for file transfers is not possible from the sandbox, always use "Save As".
diffs (155 lines):
diff -r a2f9c14ced55 -r ef1d48be3644 Adium.entitlements
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/Adium.entitlements Thu Sep 13 23:15:56 2012 +0200
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>com.apple.security.app-sandbox</key>
+ <true/>
+ <key>com.apple.security.files.downloads.read-write</key>
+ <true/>
+ <key>com.apple.security.files.user-selected.read-write</key>
+ <true/>
+ <key>com.apple.security.network.client</key>
+ <true/>
+ <key>com.apple.security.network.server</key>
+ <true/>
+ <key>com.apple.security.personal-information.addressbook</key>
+ <true/>
+</dict>
+</plist>
diff -r a2f9c14ced55 -r ef1d48be3644 Adium.xcodeproj/project.pbxproj
--- a/Adium.xcodeproj/project.pbxproj Thu Sep 13 13:26:22 2012 +0200
+++ b/Adium.xcodeproj/project.pbxproj Thu Sep 13 23:15:56 2012 +0200
@@ -4398,6 +4398,7 @@
76B73B3514BE3BEB00A58BAB /* AIApplescriptRunner-Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; name = "AIApplescriptRunner-Info.plist"; path = "Plists/AIApplescriptRunner-Info.plist"; sourceTree = SOURCE_ROOT; };
76C1AF9A125A906A00D269A9 /* AIAdiumURLProtocol.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AIAdiumURLProtocol.h; path = "Plugins/WebKit Message View/AIAdiumURLProtocol.h"; sourceTree = "<group>"; };
76C1AF9B125A906A00D269A9 /* AIAdiumURLProtocol.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = AIAdiumURLProtocol.m; path = "Plugins/WebKit Message View/AIAdiumURLProtocol.m"; sourceTree = "<group>"; };
+ 76D934A01602450E00F4D2A3 /* Adium.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.xml; path = Adium.entitlements; sourceTree = "<group>"; };
76FF925814B524B40043E23B /* AIIRCConsoleController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AIIRCConsoleController.h; path = "Plugins/Purple Service/AIIRCConsoleController.h"; sourceTree = "<group>"; };
76FF925914B524B40043E23B /* AIIRCConsoleController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; name = AIIRCConsoleController.m; path = "Plugins/Purple Service/AIIRCConsoleController.m"; sourceTree = "<group>"; };
76FF926314B62A980043E23B /* AIConsole.nib */ = {isa = PBXFileReference; lastKnownFileType = wrapper.nib; name = AIConsole.nib; path = "Frameworks/Adium Framework/Resources/AIConsole.nib"; sourceTree = "<group>"; };
@@ -5067,6 +5068,7 @@
29B97314FDCFA39411CA2CEA /* CocAIMe2 */ = {
isa = PBXGroup;
children = (
+ 76D934A01602450E00F4D2A3 /* Adium.entitlements */,
4BE9FFE7055981AB00359B15 /* Adium.pch */,
F59DB3D6033EA9CD01A8010A /* AIAdium.h */,
F59DB3D7033EA9CD01A8010A /* AIAdium.m */,
@@ -12403,11 +12405,14 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 63C7E2040FAFAA4700B310AC /* Adium.xcconfig */;
buildSettings = {
+ CODE_SIGN_ENTITLEMENTS = Adium.entitlements;
+ CODE_SIGN_IDENTITY = "3rd Party Mac Developer Application";
FRAMEWORK_SEARCH_PATHS = (
"$(inherited)",
"\"$(SRCROOT)/Frameworks\"",
"\"$(SRCROOT)/build/Debug\"",
);
+ PROVISIONING_PROFILE = "";
};
name = Debug;
};
@@ -12415,12 +12420,15 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 63C7E2040FAFAA4700B310AC /* Adium.xcconfig */;
buildSettings = {
+ CODE_SIGN_ENTITLEMENTS = Adium.entitlements;
+ CODE_SIGN_IDENTITY = "3rd Party Mac Developer Application";
FRAMEWORK_SEARCH_PATHS = (
"$(inherited)",
"\"$(SRCROOT)/Frameworks\"",
"\"$(SRCROOT)/build/Debug\"",
);
GCC_PREPROCESSOR_DEFINITIONS = RELEASE_BUILD;
+ PROVISIONING_PROFILE = "";
};
name = Release;
};
@@ -12428,6 +12436,8 @@
isa = XCBuildConfiguration;
baseConfigurationReference = 63C7E2040FAFAA4700B310AC /* Adium.xcconfig */;
buildSettings = {
+ CODE_SIGN_ENTITLEMENTS = Adium.entitlements;
+ CODE_SIGN_IDENTITY = "3rd Party Mac Developer Application";
FRAMEWORK_SEARCH_PATHS = (
"$(inherited)",
"\"$(SRCROOT)/Frameworks\"",
@@ -12437,6 +12447,7 @@
RELEASE_BUILD,
DEBUG_BUILD,
);
+ PROVISIONING_PROFILE = "";
};
name = "Release-Debug";
};
diff -r a2f9c14ced55 -r ef1d48be3644 Plugins/WebKit Message View/AIWebKitMessageViewController.m
--- a/Plugins/WebKit Message View/AIWebKitMessageViewController.m Thu Sep 13 13:26:22 2012 +0200
+++ b/Plugins/WebKit Message View/AIWebKitMessageViewController.m Thu Sep 13 23:15:56 2012 +0200
@@ -1458,10 +1458,10 @@
AIFileTransferAction a;
if ([action isEqualToString:@"SaveAs"])
a = AISaveFileAs;
- else if ([action isEqualToString:@"Cancel"])
+ else if ([action isEqualToString:@"Cancel"])
a = AICancel;
else
- a = AISaveFile;
+ NSAssert(FALSE, @"Saving files doesn't work from the sandbox");
[tc handleFileTransferAction:a];
}
diff -r a2f9c14ced55 -r ef1d48be3644 Source/ESFileTransferRequestPromptController.h
--- a/Source/ESFileTransferRequestPromptController.h Thu Sep 13 13:26:22 2012 +0200
+++ b/Source/ESFileTransferRequestPromptController.h Thu Sep 13 23:15:56 2012 +0200
@@ -18,8 +18,7 @@
@class ESTextAndButtonsWindowController, ESFileTransfer;
typedef enum {
- AISaveFile = 0,
- AISaveFileAs,
+ AISaveFileAs = 1,
AICancel
} AIFileTransferAction;
diff -r a2f9c14ced55 -r ef1d48be3644 Source/ESFileTransferRequestPromptController.m
--- a/Source/ESFileTransferRequestPromptController.m Thu Sep 13 13:26:22 2012 +0200
+++ b/Source/ESFileTransferRequestPromptController.m Thu Sep 13 23:15:56 2012 +0200
@@ -75,17 +75,7 @@
NSString *localFilename = [[adium.preferenceController userPreferredDownloadFolder] stringByAppendingPathComponent:[fileTransfer remoteFilename]];;
BOOL finished = NO;
- switch (action) {
- case AISaveFile: /* Save */
- {
- /* If the file doesn't exist, we're done. If it does, fall through to AISaveFileAs
- * triggering a Save As... panel.
- */
- if (![[NSFileManager defaultManager] fileExistsAtPath:localFilename]) {
- finished = YES;
- break;
- }
- }
+ switch (action) {
case AISaveFileAs: /* Save As... */
{
//Prompt for a location to save
diff -r a2f9c14ced55 -r ef1d48be3644 Source/NEHGrowlPlugin.m
--- a/Source/NEHGrowlPlugin.m Thu Sep 13 13:26:22 2012 +0200
+++ b/Source/NEHGrowlPlugin.m Thu Sep 13 23:15:56 2012 +0200
@@ -587,6 +587,11 @@
return @"Adium";
}
+- (BOOL)hasNetworkClientEntitlement
+{
+ return YES;
+}
+
/*!
* @brief Registration information for Growl
*
More information about the commits
mailing list