Sandboxing woes

It’s a brave new sandboxing world they say and that brings about many implications good and bad, to a security professional asking the user for permission to read every single file might be pure heaven, to a UX professional it might be hell.

Either way consider this scenario, you have a application that needs to know some operating system setting, some configuration context, Apple can never provide exhaustive API’s for all scenarios and you will inevitably have to read or write to files the user does not directly need to interact with.

Before sandboxing you could just do this transparently, this is all good unless a attacker takes over your application and leverages it to wreak havoc, that is what sandboxing prevents but it also prevents legitimate scenarios and until Apple adds a way to specify in the entitlements a list of files that the application transparently needs to access the only way is to ask the user explicit permission.

Here is a way :

    //only needed if we are in 10.7
    if (floor(NSAppKitVersionNumber) < = 1038) return;
    //only needed if we do not allready have permisions to the file
    if ([[NSFileManager defaultManager] isReadableFileAtPath:file] == YES) return;
    //make sure we have a expanded path
    file = [file stringByResolvingSymlinksInPath];
    NSString *message = [NSString stringWithFormat:@"Sandbox requires user permision to read %@",[file lastPathComponent]];

    NSOpenPanel *openDlg = [NSOpenPanel openPanel];
    [openDlg setPrompt:@"Allow in Sandbox"];
    [openDlg setTitle:message];
    [openDlg setShowsHiddenFiles:NO];
    [openDlg setTreatsFilePackagesAsDirectories:YES];
    [openDlg setDirectoryURL:[NSURL URLWithString:file]];
	[openDlg setCanChooseFiles:YES];
	[openDlg setCanChooseDirectories:NO];
	[openDlg setAllowsMultipleSelection:NO];
	if ([openDlg runModal] == NSOKButton){
        NSURL *selection = [[openDlg URLs] objectAtIndex:0];
        if ([[[selection path] stringByResolvingSymlinksInPath] isEqualToString:file]) {
            [[NSAlert alertWithMessageText:@"Wrong file was selected." defaultButton:@"Try Again" alternateButton:nil otherButton:nil informativeTextWithFormat:message] runModal];
            [self punchHoleInSandboxForFile:file];
        [[NSAlert alertWithMessageText:@"Was denied access to required files." defaultButton:@"Carry On" alternateButton:nil otherButton:nil informativeTextWithFormat:@"This software can not provide it's full functionality without access to certain files."] runModal];

You need to add a call to punchHoleInSandboxForFile before every file access call eg:

[self punchHoleInSandboxForFile:@"/etc/hostconfig"];
NSString *stuff = [[NSString alloc] initWithContentsOfFile:@"/etc/hostconfig"];

This nags the user once for each file, once the hole has been punched for that file it persists for the lifetime of the process, it presents a file dialog with the file in question already selected (however that does not seem to be consistent, sometimes selecting the file will be required) .

Here’s hoping Apple adds something along the lines of setting specific files with permissions in the entitlements sooner than later, until then feel free to use this and suggest any better alternatives you can find.



iphone signal testing with code

Closest cell tower 1 Km, iPhone 3G, Wi-fi mode, iOS 4.0, Orange network.

With device held gently by edges:

signal avg 90 (outdoor, line of sight to cell tower, same altitude)
signal avg 😯 (indoor, line of sight to cell tower, same altitude)
signal avg 60 (indoor, no line of sight to cell tower, same altitude)
signal avg 4O (outdoor, no line of sight to cell tower, ground level)

With device cradled in hand a average decrease of signal by about 20 in all cases and whatever finger configuration.

Turning 3G on causes a average decrease of signal by 5 in all cases.

The connection strength bars shows 5 bars in all cases.

Absolute minimum experienced : 19, absolute maximum 96.

The thing to take away from all this is that if  you already had a very bad connection under 20 and subtract the hand attenuation of about 20 you are left with no signal, and it did not hep that until iOS 4.0.1  a bad connection with a 20 strength would have shown 4 or even 5 bars.

The application used to test gets the signal strength from private calls to apple’s CoreTelephony framework, in a effort to help the iphone signal testing going on share a common base i am providing the application to anyone, please let me know what are the results of your tests and feel free to contribute to the code on github.

The application is named  VAFieldTest , it’s code is under a open source license and can be found at , you need Xcode and a iPhone developer account to compile and run it.

iOS 4.0.1 update
same behavior as before, with the difference that now the connection bars properly reflect changes in the strength (I 1-19, II 20-29, III 30-39, IIII 40-49, IIIII 50-99 ) , with previous versions they just show 5 bars for any signal strengths above 25.

On Perl and data manipulation

It is common belief that Perl is the language of choice for the purpose of data processing and manipulation , and i couldn’t agree more , having been turning to it every time i needed some serious data processing , only to get the best results at each undertaking.

However back then in 99 when looking for a method of automating the calculation of my monthly online time from my dialup provider’s access logs , a task for which ASM just wouldn’t cut it , i had no other choice but to assume this thing about perl and data manipulation as the truth and have a go at the language without knowing for certain.

Today after quite a while and many data manipulation scripts , and quite coincidentally for the purpose of calculating the total downtime of my isp from my server’s access logs , i can not feel but pleased with the power you have with perl and it’s data manipulation drive , so i felt like evoking this wonderful side of perl myself too.

Now as to not make this article a dry reading , and because probably nobody likes staring at a program execution with no progress display for hours on end , or not even minutes , i am going to explain 2 simple progress display trick for your perl scripts.

Roughly the trick consists in using r (carriage return) to write over the same line over and over, while also disabling output buffering where it is the case

The first example below is the simpler one , but memory buffers are sacrificed for this and do not use this example for files bigger than some dozens of megabytes or loading times will be drastic and memory usage intensive , that aside this should not present any other speed decreases given you write your script in a speed conscious manner.

use POSIX;
#disable output buffering
$| = 1;

open (INFILE,”< $infile”) or die “$infile file not found”;
foreach $a (@data){
$proc = floor((($#data – $.) / $#data) * 100);
print “$. more lines to process ($proc% processed)r”;

In this second script we are not buffering the whole file into memory , so loading speeds will be great even tho’ we have to use a function to count the total line number of the file with clines() before starting to process it

use POSIX;
#disable output buffering
$| = 1;

#reading line length
print “Reading $infile….”;
$lines = clines($infile);
print “done ($lines lines)n”;

#processing data
open (INFILE,”< $infile”) or die “$infile file not found”;
$out = 0;
while(<INFILE>) {
$proc = floor(($out / $lines) * 100);
print $lines-$out.” more lines to process ($proc% processed)r”;
sub clines {
my ($filename) = @_;
$lines = 0;
open(FILE, $filename) or die “Can’t open `$filename’: $!”;
while (sysread FILE, $buffer, 4096) {
$lines += ($buffer =~ tr/n//);
close FILE;
return $lines