我有一个应用程序,目标是在沙盒和非沙盒MacOS中运行。如果用户从MacOS 10.6升级到更高版本的操作系统,我需要用户重新选择文件夹,以便我可以使用安全书签为它们添加书签。
如何检测我的应用程序是否在支持沙盒的操作系统上?
答案 0 :(得分:19)
我知道的唯一方法是查找APP_SANDBOX_CONTAINER_ID环境变量。当应用程序在沙箱容器内运行时,它就会出现。
NSDictionary* environ = [[NSProcessInfo processInfo] environment];
BOOL inSandbox = (nil != [environ objectForKey:@"APP_SANDBOX_CONTAINER_ID"]);
答案 1 :(得分:3)
BOOL isSandboxed = NO;
SecStaticCodeRef staticCode = NULL;
NSURL *bundleURL = [[NSBundle mainBundle] bundleURL];
if (SecStaticCodeCreateWithPath((__bridge CFURLRef)bundleURL, kSecCSDefaultFlags, &staticCode) == errSecSuccess) {
if (SecStaticCodeCheckValidityWithErrors(staticCode, kSecCSBasicValidateOnly, NULL, NULL) == errSecSuccess) {
SecRequirementRef sandboxRequirement;
if (SecRequirementCreateWithString(CFSTR("entitlement[\"com.apple.security.app-sandbox\"] exists"), kSecCSDefaultFlags,
&sandboxRequirement) == errSecSuccess)
{
OSStatus codeCheckResult = SecStaticCodeCheckValidityWithErrors(staticCode, kSecCSBasicValidateOnly, sandboxRequirement, NULL);
if (codeCheckResult == errSecSuccess) {
isSandboxed = YES;
}
}
}
CFRelease(staticCode);
}
答案 2 :(得分:2)
为Swift3测试此内容
{
"Resources": {
"JobDefinition": {
"Type": "AWS::Batch::JobDefinition",
"Properties": {
"Type": "container",
"JobDefinitionName" : "filedownload",
"ContainerProperties": {
"Image": "abc",
"Vcpus": 4,
"Memory": 2000,
"JobRoleArn": "arn:aws:iam::********:role/batchjobRole",
"ReadonlyRootFilesystem": true,
"Privileged": true
},
"RetryStrategy" : {"attempts": 1}
}
}
}
}
答案 3 :(得分:0)
这是Swift 4.2中@hamstergene的答案:
func isSandboxEnvironment() -> Bool {
let environ = ProcessInfo.processInfo.environment
return (nil != environ["APP_SANDBOX_CONTAINER_ID"])
}