On Oct 3, 2012, at 14:02 , Marshall Houskeeper <mhouskee...@media100.com> wrote:
> I have no problem with the use of the open panel ( security-scoped bookmark > )for creating new documents. OK, understood. > The problem is for pre sandboxed documents or documents that come from > Windows. Having the user re-authorize each external file would be very > problematic and time consuming. Putting the two halves of what I said together, the question is how many uses of the open panel (or Windows equivalent) did it originally take to produces these older documents? Thousands? My guess is not thousands -- thousands of files may be referenced, but there were many fewer "add" operations involved (either because the user added a folder, or added one file which implied the locations of other files). It seems to me you'd need to reduce the thousands of files references to a much smaller number of re-constructed "user-did-add" operations which would, yes, have to be individually reauthorized. This would, in many case, mean you were creating bookmarks for enclosing folders rather than files. > What I am looking for are suggestions to best handle or avoid the > re-authorization of each embedded file reference. One option may be to write > a non sandbox application that would take the non sandboxed document and > convert the file references to security-scoped bookmarks if this is allowed. I don't believe it's possible. If it were, sandbox security could easily be bypassed by malicious software. If there's no practical way to reduce the re-authorizations to a manageable number, then I think you must follow Sean's suggestion of getting a temporary entitlement for your app that allows it to read anywhere in the file system, using the need for compatibility with older documents as your reason. You *might* in this case be able to "convert" older documents to use security-scoped bookmarks, under the aegis of the temporary entitlement, but I admit I don't know whether there are constraints on bookmarks in this case. (It also means your users will need to convert their old documents before the temporary entitlement is deprecated sometime in the future, as I'm sure it will eventually be.) _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
