Sandbox Violation on Runtime Exec

Jessica Finley jfinley at
Thu Jun 7 14:26:18 PDT 2012

Hiya folks,

Our application makes the call 'sysctl hw' to get information about the hardware of a client's system.  Since sandboxing our application, this yields the following violation:

deny file-read-data /dev/fd

In an effort to debug, I've made an objective-c-only test project that calls the same command via an NSTask.  This test project has the same sandbox entitlements as my java application, yet the objective-c test project does not get a violation from the sandbox police.

Can anyone explain why that would be?  And perhaps, what can I do differently in my java app to call this command (we're currently using Runtime.exec()) and not get pulled over by the sandbox police?


More information about the macosx-port-dev mailing list