Unexpected sandboxing

I let the IDE do the code-signing and notarisation for my apps. So, in the Sign step under Build Settings, I have Hardened Runtime and Notarisation enabled, but not Sandboxing. If the app is then downloaded from my website and placed in /Applications, then it runs as expected. However, if its first-run is with the .app on the Desktop, then it behaves as if it has been sandboxed.

Is there a reason for this?

It’s quarantined if it’s not copied to Applications.

xattr -cr <path to app>

Humph. Am I right in thinking that, if it is first-run from Applications, it could be moved elsewhere after that and would run OK from that other location? That seems to be what I also observe, but I’d like to be sure if I’m going to document that for users who want to run that way.

By documenting such a thing, doesn’t that imply you’ll offer support when things stop working?

macOS is only getting more and more restrictive when it comes to app permissions. Personally, I would be inclined to say that the app is designed with the expectation that it must be placed in /Applications or /user/Applications, otherwise you’re on your own.

But that’s just me.

There’s a handy dandy app for clearing quarantine and self-signing.

To download the built version, click “Releases” on the right-hand sidebar.

Well, you might well be right. But when I originally designed this app, some 15 years ago, one of its features was going to be that you could put the app and its data on a stick, take that to another location, and run it there from the stick on any desktop that was available - and since re-writing it in Xojo, even moving between OSes.

I take the point that macOS is getting tighter and tighter, but there is this one user who works this way because “I prefer not to use the Apple Documents folder for my data since other applications also use this folder, upsetting my visual memory of what and where everything is in this folder.”

Since this guy has been patient with my apps for at least ten years and has provided a lot of feedback and suggestions, I’m more inclined to indulge him if I can. He appears to be a public health expert who did various analyses during Covid (I somehow got on a mailing list of his and received a number of interesting mails related to it during the worst period).

So in practice I’m already offering that support, at least to him.


Thanks - that could be quite useful.

Your app should be able to operate quarantined though.

For the last x years I’ve been telling people you can’t assume you have access to any of the SpecialFolders except ApplicationData and Temporary. Anything else, the user must give you access to. Whether that’s an Open / Save dialog or Drag & Drop, the user must give you access to a location.

I very much like the way Apple prevents developers from accessing my Documents folder. I keep that well organized.


Well, if it’s just one customer that’s different.

I was thinking in terms of maybe dozens / hundreds or more out there all clamouring for your attention… 🤯

Given I have long-covid, I’d support him too!