Tuesday, December 2, 2014

GaragePay’s Encryption Removed

Ilja A. Iwas:

GaragePay’s encryption feature is not compatible with Mac App Store’s sandbox requirement. Had to remove it to ship updates.

It looks like GaragePay managed encrypted disk images using hdiutil, which doesn’t work in the sandbox.
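As an added example (not GaragePay's code; the post does not show the app's actual invocation), here is the kind of hdiutil sequence an app would use to create, attach and detach an AES-256 encrypted sparse bundle. The passphrase is fed to hdiutil on stdin with -stdinpass rather than placed in argv, since command lines are visible to every local user through ps. The image path, mount point, volume name and passphrase are invented for the example.

```shell
#!/bin/sh
# Added example, not GaragePay's code: hdiutil calls an app would make to
# create, attach and detach an AES-256 encrypted sparse bundle. The passphrase
# reaches hdiutil on stdin (-stdinpass), never on the command line, because
# argv is readable by every local user via ps. Paths, names and the passphrase
# below are invented.
#
# Caveat from the post: none of this works from inside the Mac App Store
# sandbox. A child hdiutil inherits the app's sandbox, and the IPC it does with
# its own helper processes is not permitted there, so these commands fail even
# when the app holds entitlements for every path involved.

# Run a command, or only print it when DRY_RUN is set, so the argv can be
# inspected on a machine without hdiutil.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# image_create IMAGE VOLNAME SIZE   (passphrase on stdin, no trailing newline)
image_create() {
    run hdiutil create -size "$3" -fs HFS+J -volname "$2" -type SPARSEBUNDLE \
        -encryption AES-256 -stdinpass -quiet "$1"
}

# image_attach IMAGE MOUNTPOINT     (passphrase on stdin, no trailing newline)
image_attach() {
    run hdiutil attach -stdinpass -nobrowse -mountpoint "$2" -quiet "$1"
}

# image_detach MOUNTPOINT
image_detach() {
    run hdiutil detach -quiet "$1"
}

# argv_leaks_passphrase CMDLINE PASSPHRASE
# Returns 0 if the passphrase appears in the command line, 1 otherwise; used to
# confirm the secret never ends up in argv.
argv_leaks_passphrase() {
    case "$1" in *"$2"*) return 0 ;; *) return 1 ;; esac
}

# Demo: runs only when asked explicitly and only where hdiutil exists (macOS).
demo() {
    img=/tmp/garagepay-example.sparsebundle      # invented path
    mnt=/tmp/garagepay-example-mount             # invented mount point
    pass='correct horse battery staple'          # invented passphrase
    printf '%s' "$pass" | image_create "$img" GaragePay 20m || return 1
    printf '%s' "$pass" | image_attach "$img" "$mnt" || return 1
    ls -la "$mnt"
    image_detach "$mnt"
}

if [ "${1:-}" = demo ] && command -v hdiutil >/dev/null 2>&1; then
    demo
fi
```

Run it as `sh script.sh demo` on a Mac outside the sandbox; with `DRY_RUN=1` set it only prints the hdiutil command lines, which is enough to confirm the passphrase never appears in them.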

2 Comments

I don't see how this is surprising, or unexpected. A sandboxed app can't launch arbitrary un-sandboxed binaries (without a temporary exemption).

The real issue here, if anything, is that there's a lot of really useful Mac functionality bottled up in Apple's command-line tools like hdiutil, which are not easy for apps to interface with. They're not sandboxed, and they are not well documented, and they use flags and stdio for sending unstructured data, and they operate directly on mounted filesystems. It would be great if there were modern frameworks for all of these, but there aren't, yet, and Apple shows no signs of ever doing so.

@Sam Agreed that it’s not surprising. I just like to document these cases. Sandboxed apps are definitely allowed to run unsandboxed binaries. The binary then runs within the app’s sandbox. The issue here is that hdiutil cannot run in that environment, even if given entitlements to access all of the relevant paths. For example, it uses unapproved IPC with its own helper processes. I filed a Radar on this pretty much as soon as the sandbox was announced.
