Sandbox Violation on Runtime Exec
David DeHaven
david.dehaven at oracle.com
Tue Jun 12 13:48:17 PDT 2012
>>> BTW, it seems Runtime.exec() uses fork() on OSX so AFAIK it may never
>>> work in a sandbox.
>>> The reason why NSTask works is probably because internally it uses posix_spawn.
>
> In the light of this, I wonder if this behaviour should be filed as a
> bug. There is currently no (Java only) way to create a child process
> if the parent is executed inside a sandbox, any call to
> Runtime.getRuntime().exec() or ProcessBuilder start() will fail.
> I think the OpenJDK on OSX should use either posix_spawn or NSTask.
I highly recommend filing a bug, since sandboxing a Java application is something that should be fully supported.
If only I'd thought of that earlier this year when I was looking at this stuff…
-DrD-
More information about the macosx-port-dev
mailing list