Hello everyone, I need help with an issue that is unclear to me. I developed an application with Unity and now I'm using xCode to distribute it both outside the App Store and on the App Store. As for the first option, no problem, I was able to build the app and upload it for validation. However, regarding the App Store, I have a problem with "App Sandbox," which seems to be mandatory in this case. My application is essentially a party game where one part functions as a desktop application and another part as a mobile application. The desktop application launches a parallel process (which I included in a group within xcode and signed with my developer ID) that makes the two parts communicate through a socket on the local network. When I enable App Sandbox, it seems that the process is not launched by the main application. I have also enabled the two options, Incoming Connection (server/client), under App Sandbox, but it still did not work. I thank you in advance for the support.Sandbox app + parallel process + LAN Socket
It seems that the Sandbox does not provide the necessary permissions to access that executable file.
Given that this is an unbundled executable, it’s almost certain that you’re executing it as a child process, that is, via posix_spawn
or some wrapper around that.
It is possible for sandbox apps to run child processes, but it’s a bit tricky. See Embedding a command-line tool in a sandboxed app.
which exposes a socket channel
What sort of socket? There are two common options here, and both of them present challenges:
-
If you use a TCP/IP socket (
AF_INET
orAF_INET6
) you could bump into local network privacy issues (introduced in macOS 15, currently a release candidate). I think you’ll be OK with you stick withlocalhost
(127.0.0.1 or ::1) but I’m still coming up to speed on this technology on the Mac. -
If you use a Unix domain socket (
AF_UNIX
orAF_LOCAL
), the App Sandbox requires that you put the listening socket in an app group container.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"