Sandbox Violation on Runtime Exec
Marco Dinacci
marco.dinacci at gmail.com
Fri Jun 8 07:31:54 PDT 2012
Hi,
> That makes sense… how, though, would I set the inherit entitlement for the new process? The only way I know to set entitlements is at codesigning time, but this process is generated on the fly at runtime.
you're right, you can't at runtime.
You would have to create a new executable with its own
entitlements...I guess JNI may be an easier solution at this point.
BTW, it seems Runtime.exec() uses fork() on OSX so AFAIK it may never
work in a sandbox.
The reason why NSTask works is probably because internally it uses posix_spawn.
Best,
Marco
More information about the macosx-port-dev
mailing list