App Sandbox and Serial Ports

Originator:erin.robotics
Number:rdar://9993340 Date Originated:21-Aug-2011 12:56 PM
Status:Open Resolved:
Product:Mac OS X SDK Product Version:10.7
Classification:Serious Bug Reproducible:Yes
 
Summary:
No way to gain access to the serial ports (/dev/cu.yourserialdevice) when using App Sandboxing

Steps to Reproduce:
1. Use same techniques to open a serial port as in SerialPortSample http://developer.apple.com/library/mac/#samplecode/SerialPortSample/Introduction/Intro.html#//apple_ref/doc/uid/DTS10000454

2. Enable Entitlements & App Sandboxing, set all entitlements to allow and read/write

3. Start the app, try to connect to the device: you can't access the device

Expected Results:
- Be able to access the device on /dev/ if you have the entitlement for "Allow USB Access"

Actual Results:
- Unable to access the device on /dev/

Regression:
- Problem occurs when App Sandboxing is enabled

Notes:
- I write Mac Apps that communicate with Arduino. We have an App on the Mac App Store, "Meters for Arduino", so we need sandboxing for serial devices to be able to work
- Serial devices are still widely used, so support is still relevant and important
- No workarounds yet
- Please fix this! :(

Comments

I have this same problem. I need to access devices in the /dev/ folder. Need to open serial ports, connections to the unix shell, telnet, ssh etc. None of that works unless we can read/write to the /dev folder.

We should be able to get a temporary exception to access the /dev folder with the following code. But it does not work.

<key>com.apple.security.temporary-exception.files.absolute-path.read-write</key>
<array>
    <string>/dev/</string>
</array>
By macintelrich at Sept. 12, 2011, 7 p.m. (reply...)

Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!