Sandbox Powerbox does not allow overwriting symlinks

Originator: chad515
Number: rdar://10820774
Date Originated: 2/7/2012
Status: Open
Resolved: No
Product: Mac OS X
Product Version: 10.7.3
Classification: Serious Bug
Reproducible: Always

Summary:
When a sandboxed app uses NSSavePanel and powerbox, it is granted permission to replace a regular file but not a symlink.

Steps to Reproduce:
1) Open an NSSavePanel from a sandboxed app with the com.apple.security.files.user-selected.read-write entitlement
2) The user selects a previously existing symlink
3) When prompted by the panel, the user selects to replace it
4) Remove the old symlink
5) Write the new file

Expected Results:
The old symlink is removed (though obviously the file it was pointing to will be unaffected).

Actual Results:
The kernel denies the removal. Trying to remove the old symlink results in the following log message:
Feb  7 13:21:37 fruitbook sandboxd[16119] ([16109]): SandboxOverwrite(16109) deny file-write-unlink /Users/chad/Desktop/Test file

Overwriting the old symlink results in the following log message:
Feb  7 13:21:37 fruitbook sandboxd[16119] ([16109]): SandboxOverwrite(16109) deny file-write-create /Users/chad/Desktop/Test file

Regression:
You can overwrite symlinks without sandboxing.

Notes:
The attached project demonstrates this. Note that you'll need to create a symlink called "Test file" on the Desktop for it to work. One easy way to do this is to run the test app once, which should successfully create the symlink since there wasn't one before. Then quit and restart the app to get the failure.

To use the attached project, simply launch it (it should be sandboxed) and click the Save button on the NSSavePanel that pops up. Then check the logs to see the errors.

Also, note that replacing a regular file works fine. Symlinks are the problem.
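
Steps 4 and 5 and the expected result, as an added example that is not the attached project from this report: it uses plain POSIX calls rather than Cocoa APIs, and `replace_path`, `demo_symlink_replace` and the temporary directory are names and data constructed for illustration. Run outside the sandbox it shows the behaviour the report expects; the returned errno and step name identify which operation fails when one is denied.

```c
#define _DEFAULT_SOURCE /* mkdtemp, lstat, symlink, O_NOFOLLOW on glibc */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Replace whatever is at `path` with a new regular file holding `data`.
 * Returns 0, or the errno of the failing call; *step names that call. */
int replace_path(const char *path, const char *data, const char **step)
{
    struct stat st;
    size_t len = strlen(data);
    *step = "lstat";                 /* lstat() inspects the link itself */
    if (lstat(path, &st) == 0) {
        *step = "unlink";            /* step 4: removes the link, never its target */
        if (unlink(path) != 0) return errno;
    } else if (errno != ENOENT) {
        return errno;
    }
    *step = "open";                  /* step 5: O_EXCL|O_NOFOLLOW cannot write through a link */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);
    if (fd < 0) return errno;
    *step = "write";
    ssize_t n = write(fd, data, len);
    int err = (n == (ssize_t)len) ? 0 : (n < 0 ? errno : EIO);
    close(fd);
    if (err == 0) *step = NULL;
    return err;
}

/* Constructed scenario: symlink "Test file" -> target.txt. Returns 0 if the expected results hold. */
int demo_symlink_replace(void)
{
    char dir[] = "/tmp/radar-demo-XXXXXX", target[64], link[64];
    const char *step; struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(target, sizeof target, "%s/target.txt", dir);
    snprintf(link, sizeof link, "%s/Test file", dir);
    FILE *f = fopen(target, "w");
    if (!f || fputs("original", f) < 0 || fclose(f) != 0) return -1;
    if (symlink(target, link) != 0) return -1;
    if (replace_path(link, "new contents", &step) != 0) return -2;
    if (lstat(link, &st) != 0 || !S_ISREG(st.st_mode)) return -3; /* now a regular file */
    if (stat(target, &st) != 0 || st.st_size != 8) return -4;     /* target still "original" */
    unlink(link); unlink(target); rmdir(dir);
    return 0;
}
```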
