macos filesystems metadata sandbox appstore-sandbox

OS X sandboxing: difference between xattr and metadata

In order to do sandbox testing for an app I'm writing for OS X, I'm using sandbox-exec. I'm wondering what's the difference between the rules (deny file-read-xattr) and (deny file-read-metadata)?

Solution

file-metadata is stored on a Filesystem-Level directly in the filenode: eg. last-modified-date
xattr are filesystem agnostic and extendable: eg. com.apple.FinderInfo, com.apple.TextEncoding, com.apple.metadata:kMDItemWhereFroms

Depending on which level you operate with files within your application (NSFileManager and NSURL or plain-old-c) you will probably need both read rules.

scipy 1.14.1 breaks statsmodels 0.14.2
Selenium gives "selenium.common.exceptions.WebDriverException: Message: unknown error: cannot find Chrome binary" on Mac
How can I sed two curly braces on two lines and add a coma between them on a Mac?
Bash to rename files to append folder name
Cannot get lldb to read file input through redirect
Xcode build system crashes with "unexpected service error" on iPhone 16 simulator
Why doesn't VS Code auto update on macOS?
Use OpenMP on M2 Mac with R and data.table
Xcode 10.2 unable to launch simulator
How to export structured notes (image + text) from a Next.js app to Apple Notes?
MacOS Sequoia keyboard shortcut to move a window between different screens
Focus-follows-mouse (plus auto-raise) on Mac OS X
error: linking with `cc` failed: exit code: 1
How to set JAVA_HOME environment variable on Mac OS X 10.9?
Warning: The post-install step did not complete successfully when trying to install mysql using brew in Mac OS High Sierra
Installing MongoDB with Homebrew
Unable to use Screen efficiently in Mac's Terminal
error while build iOS app in Xcode : Sandbox: rsync.samba (13105) deny(1) file-write-create, Flutter failed to write to a file
MariaDB update causes client connection problem : mariadb.OperationalError: TLS/SSL error: SSL is required, but the server does not support it
Skim displayline only bring the pdf in foreground
UNNotificationSound doesn't play on macOS. Same file works on iOS
Open document with default OS application in Python, both in Windows and Mac OS
Flutter Error: 'UnmodifiableUint8ListView' is restricted and can't be extended or implemented
How do I change the color of a NSButton checkbox?
Is there any way to make a Python program that has the user use the terminal (NO GUI) into a stand-alone for Mac?
Can't use mongo command, shows command not found on mac
D compiler DMD doesn't link object files
How can I turn off Finder's icon preview for my app's document type?
SocketException: Connection failed (OS Error: Operation not permitted, errno = 1) with flutter app on macOS
NPM install node-rdkafka fails with node-gyp rebuild error