In order to do sandbox testing for an app I'm writing for OS X, I'm using sandbox-exec
. I'm wondering what's the difference between the rules (deny file-read-xattr)
and (deny file-read-metadata)
?
Depending on which level you operate with files within your application (NSFileManager and NSURL or plain-old-c) you will probably need both read rules.