RFR 7199674: (props) user.home property does not return an accessible location in sandboxed environment [macosx]

Nicholas Rahn nick at transparentech.com
Tue Sep 10 21:21:36 UTC 2013

I use user.home to do things like:

// java.awt.FileDialog: open the save dialog in the user's Documents folder
String userHomePath = System.getProperty("user.home");
myFileDialog.setDirectory(userHomePath + "/Documents");

In my app, the user selects where he wants to export individual files, such
as CSVs and PDFs. These are files he'll use outside of my app.

If user.home points to the app's sandbox Container, it will break this
usage.  Opening a file dialog to
/Users/Bob/Library/Containers/my.app/Data/Documents will definitely confuse
the user and if they save a file there, they will never be able to find it
later from outside of my app.

Yes, I understand the whole sandboxing concept. I'm not asking for
unrestricted access to the file system. I use the
"com.apple.security.files.user-selected.read-write" entitlement so that the
user can select where he wants to save files, and I want to present him with
a standard, well-known, default location for that (like ~/Documents).

If user.home doesn't point to the user's actual home folder (i.e.
NSHomeDirectoryForUser), it makes creating a standard, well-known location
path (like ~/Documents) much more difficult.  (And IMHO, it breaks the
definition of the user.home property: "User home directory", not "App home


On Tue, Sep 10, 2013 at 10:32 PM, David DeHaven <david.dehaven at oracle.com> wrote:

> > This isn't every other platform, this is Mac OS X and all the baggage
> > that goes along with it! :)
> >
> > What do you actually need access to user.home for? Do you have empirical
> > evidence that this will break your application?
> >
> > The whole point of sandboxing is you no longer have direct access to the
> > entire system. The app must play inside its sandbox, period, end of story.
> > Gone are the days of unrestricted access to the filesystem, that's the
> > whole point of sandboxing! This is all pretty well outlined in the
> > "Sandboxing Your App" documentation on ADC.
> >
> > Powerbox is there to solve your problem of opening user documents (with
> > the right entitlements) and there are mechanisms in place to allow opening
> > related files (with the user's permission of course). Even a sandboxed
> > application can show the user the contents of his various folders in a file
> > open dialog. This all happens regardless of whether NSHomeDirectory returns
> > /Users/JoeBob or /Users/JoeBob/Library/Containers/com.blah.someapp
> That should have been:
> /Users/JoeBob/Library/Containers/com.blah.someapp/Data
> Which, btw, is a shadow of the user's home directory... including symlinks
> to various folders contained therein.
> -DrD-
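An added example, not code from the original mail or from the JDK, showing how an app could pick the directory its export dialog opens in when user.home has been redirected into the App Sandbox container. It assumes the container layout quoted in the thread (~/Library/Containers/<bundle-id>/Data); `ExportDirectory`, `realUserHome` and `defaultExportDirectory` are hypothetical names, and the chosen path is only a starting location, since the sandbox still mediates access to whatever the user selects.

```java
import java.awt.FileDialog;
import java.awt.Frame;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

/** Chooses the directory an export dialog should open in, sandboxed or not. */
public final class ExportDirectory {

    /**
     * Strips the App Sandbox container suffix (Library/Containers/<id>/Data,
     * the layout quoted in the thread) from user.home. Any other value is
     * returned unchanged. Hypothetical helper, not part of the JDK.
     */
    static Path realUserHome(Path userHome) {
        int n = userHome.getNameCount();
        if (n >= 5
                && userHome.getName(n - 1).toString().equals("Data")
                && userHome.getName(n - 3).toString().equals("Containers")
                && userHome.getName(n - 4).toString().equals("Library")) {
            Path stripped = userHome.subpath(0, n - 4);
            return userHome.isAbsolute() ? userHome.getRoot().resolve(stripped) : stripped;
        }
        return userHome;
    }

    /** ~/Documents when it exists, otherwise the (real) home directory. */
    static Path defaultExportDirectory(Path userHome) {
        Path home = realUserHome(userHome);
        Path docs = home.resolve("Documents");
        return Files.isDirectory(docs) ? docs : home;
    }

    public static void main(String[] args) {
        // Constructed sample of what user.home looks like inside a container.
        Path sandboxed = Paths.get("/Users/Bob/Library/Containers/my.app/Data");
        System.out.println("real home: " + realUserHome(sandboxed));

        Path home = Paths.get(System.getProperty("user.home"));
        FileDialog dialog = new FileDialog((Frame) null, "Export CSV", FileDialog.SAVE);
        // Only the starting location: the sandbox still mediates access to
        // whatever the user picks (user-selected.read-write entitlement).
        dialog.setDirectory(defaultExportDirectory(home).toString());
        dialog.setVisible(true);
    }
}
```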
