Open Radar

 
18-Dec-2012 10:12 AM Michael Jurewitz:
Summary:
A sandboxed application, when creating a security scoped bookmark from user data, can sometimes be handed back an entirely different path for the file than what exists on disk. Accessing this new path from a sandboxed application causes the app to be quit with a deny-read assertion.

Steps to Reproduce:
1. Create a bunch of screenshots by the usual mechanism and make sure they are placed on your Desktop. Since this repro's for only _some_ files, it's helpful to make a good handful of these.
2. Open Keynote.app
3. Drag the previously created screenshots into a new Keynote document.
4. Save this Keynote document to iCloud
5. Build and run the attached project. It will tell you files for which their path on disk is different from what a security scoped bookmark tells the app the path actually is.

Expected Results:
The SSB API should always hand back the actual path to an item on disk, or at least one our app is entitled to open.

Actual Results:
Sometimes a different path other than the actual file is given to the application, which in a production application reads to a deny-read for that different location and our inability to open that file.

Regression:
Seems to affect 10.7.3 and 10.8.2. We did not test others.

18-Dec-2012 10:12 AM Michael Jurewitz:
'Bookmark Hardlink Test.zip' and 'MacBook Pro (Retina 10.8.2).spx' were successfully uploaded