Permalink
Browse files

Restricted file system entitlements to be narrower (/Users and /Volum…

…es). This will help us with the App Store review process, and it should be sufficient for 99% of the users.
  • Loading branch information...
1 parent 4a45d79 commit 8ecfa478077dd52b257bc519086cfe2be625e9df @peterb180369 peterb180369 committed Apr 3, 2012
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -6,7 +6,11 @@
<true/>
<key>com.apple.security.app-sandbox</key>
<true/>
+ <key>com.apple.security.assets.music.read-write</key>
+ <true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Library/Application Support/GarageBand/GarageBand Demo Songs/GarageBand Demo Songs/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -6,7 +6,10 @@
<true/>
<key>com.apple.security.app-sandbox</key>
<true/>
- <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key>
- <string>//</string>
+ <key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -7,6 +7,9 @@
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
- <string>//</string>
+ <array>
+ <string>/Volumes/</string>
+ <string>/Users/</string>
+ </array>
</dict>
</plist>
@@ -902,7 +902,7 @@
D0E96CE015189FAC004F3EE7 /* IMBFolderParserMessenger.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = IMBFolderParserMessenger.m; sourceTree = "<group>"; };
D0E96CE41518A296004F3EE7 /* IMBImageFolderParserMessenger.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = IMBImageFolderParserMessenger.h; sourceTree = "<group>"; };
D0E96CE51518A297004F3EE7 /* IMBImageFolderParserMessenger.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = IMBImageFolderParserMessenger.m; sourceTree = "<group>"; };
- D0E96CEA1518C97B004F3EE7 /* com.karelia.imedia.Folder.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file; path = com.karelia.imedia.Folder.entitlements; sourceTree = "<group>"; };
+ D0E96CEA1518C97B004F3EE7 /* com.karelia.imedia.Folder.entitlements */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = com.karelia.imedia.Folder.entitlements; sourceTree = "<group>"; };
D0E96D021518C9BF004F3EE7 /* com.karelia.imedia.Folder.xpc */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = com.karelia.imedia.Folder.xpc; sourceTree = BUILT_PRODUCTS_DIR; };
D0E96D1A104410BD0015979F /* IMBPanelController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = IMBPanelController.h; sourceTree = "<group>"; };
D0E96D1B104410BD0015979F /* IMBPanelController.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = IMBPanelController.m; sourceTree = "<group>"; };
@@ -1636,11 +1636,11 @@
D0B6FAA21043227A00280DDC /* GarageBand */ = {
isa = PBXGroup;
children = (
- D054AFED152984ED00EBFA1C /* com.karelia.imedia.GarageBand.entitlements */,
D054AFE8152984C300EBFA1C /* IMBGarageBandParserMessenger.h */,
D054AFE9152984C300EBFA1C /* IMBGarageBandParserMessenger.m */,
D02D17581081CF3B00142E8A /* IMBGarageBandParser.h */,
D02D17591081CF3B00142E8A /* IMBGarageBandParser.m */,
+ D054AFED152984ED00EBFA1C /* com.karelia.imedia.GarageBand.entitlements */,
);
name = GarageBand;
sourceTree = "<group>";

0 comments on commit 8ecfa47

Please sign in to comment.