Further experiments show that some disks can be ejected under sandbox,
while others cannot. For example, CD, USB sticks, DMGs and some
external drives can be ejected/unmounted, while other external drives
and internal partitions cannot. The rule isn't that simple and seems
to have many exceptions.
On Mon, Aug 12, 2013, at 08:28 AM, Oleg Krupnov wrote:
> The "system.volume.internal.unmount entitlement" is not documented,
This is an authorization right, not a sandbox entitlement.
> and when I tried to add it to the list of entitlements, the app fails
> to start at all, saying not enough per
I've run across an unexpected and undocumented problem, and couldn't
google anything on it.
It seems that if an app is sandboxed, it is not permitted to eject
disks or unmount volumes.
I tried -[NSWorkspace unmountAndEjectDeviceAtPath:],
FSUnmountVolumeAsync / FSEjectVolumeAsync, DADiskUnmount /
