Adding a sandboxed app to an app group

This is a relatively simple task that is complicated by confusing documentation. After viewing the documentation it looked relatively simple to add applications to a group. Just add some magic to the entitlements and use the containerURLForSecurityApplicationGroupIdentifier: method of NSURL. The only problem was that as far as I can tell NSURL does not have a containerURLForSecurityApplicationGroupIdentifier: method.

The key to add looks something like this:

<key>com.apple.security.application-groups</key>
<array>
    <string>DG29478A379Q6483R9214.com.company.whatever</string>
</array>

The random numbers are your development team ID. I believe that can be found by looking at your developer ID certificate in keychain viewer (someone correct me if I am wrong). After the period you can put whatever you want as long as it matches the string in the other applications you want to be part of a group.

Once you do this all applications sharing that key will have access to:

~/Library/Group Containers/<application-group-id>

Without the containerURLForSecurityApplicationGroupIdentifier: there isn’t a great way to get this path. I just did:

NSString *groupContainer = [@"~/../../../Group Containers/DG29478A379Q6483R9214.com.company.whatever" stringByExpandingTildeInPath];

Let me know if anyone knows of a better way to create app groups.

 
21
Kudos
 
21
Kudos

Now read this

Sandboxing Adventures

I recently had the pleasure of sandboxing a Mac application that was written before sandboxing was required on the Mac App Store. I found a lot of good resources (including Apple’s Documentation) that covered the basics of setting up... Continue →