Shared memory & App Sandbox

  1. 9 months ago

    Sam R

    27 Nov 2018 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    I thought I'd just post this here; in the hopes that I can save others wasted time.

    https://developer.apple.com/library/archive/documentation/Security/Conceptual/AppSandboxDesignGuide/AppSandboxInDepth/AppSandboxInDepth.html#//apple_ref/doc/uid/TP40011183-CH3-SW24

    "shmget", "shmat", "shdt" & "shctl" use System V semaphores underneath, and therefore BLOCKED by the App Sandbox

    The docs say that shared memory is possible, they provide a warning about "System V semaphores", but don't make it clear which functions I should or shouldn't use for shared memory. I searched for some shared memory tutorials, and found some. None mentioned "System V", so I followed a couple (and they really basic) and in doing so, I figured out some things (that are logical) but not documented in the tutorials and successfully created shared memory between two Xojo applications. I then wrapped these in a way so that my apps could communicate with one another.

    I re-read that documentation and searched for some tutorials on the entitlements, with examples. Tried a whole bunch of variations, but nothing worked. It's not a case that it simply didn't work, the application would freeze and was very hard to kill from the GUI. Had to kill it via the terminal.

    Then I checked the console... Turns out "shmget", "shmat", "shdt" & "shctl" use System V semaphores underneath, and therefore are BLOCKED by the App Sandbox. If only Apple's documentation could have explained which functions are compatible, it would have saved me a couple of days. Therefore I'm documenting this here, in the hopes that it will save others from wasting their time.

    Which functions are compatible? I don't know just yet, I have another set to try, but until I've tried them I can't say.

  2. Christian S

    27 Nov 2018 Pre-Release Testers, Xojo Pro, XDC Speakers Germany

    Thanks for trying and telling us.

  3. Sam R

    27 Nov 2018 Pre-Release Testers, Xojo Pro Hengchun, Pingtung, Taiwan

    I should also add that during development, I was reading the Man pages and header files, no where does it state that these functions use the scary "System V semaphores".

    If I'm totally honest, I half expected it to be blocked by the Sandbox (I'm pretty certain that shared memory goes against the idea of security), but I am still really disappointed & frustrated.

or Sign Up to reply!