'sandboxd: deny file-write-create' when writing to app's own bundle

Question

I've written a program in the Mac App store which displays some graphics. Occasionally it updates these off the internet. As with most folks, I'm having to Sandbox my app now.

Almost everything is working, but when updating it saves a file in my app's own bundle and fails with 'sandboxd: deny file-write-create'

I just use fopen(..., "wb")

The path passed into fopen is: /Users/MyUser/Library/Developer/Xcode/DerivedData/MyApp-czuwveatgjffaggwqjdqpobjqqop/Build/Products/Debug/My.app/Contents/Resources/the_file.foo

The path is created using:

CFBundleRef bundle = CFBundleGetMainBundle();
CFURLRef url = CFBundleCopyResourcesDirectoryURL(bundle);
CFURLGetFileSystemRepresentation(url, true, (UInt8*)buf, sizeof(buf));

Am I doing something obviously wrong here? My app is multi-platform so ideally I'd keep using fopen/etc. As I understood, the app should be allowed to write into its own bundle, even if it is blocked from doing anything elsewhere?

thanks!

Answer 1

OS X apps should never write into the app bundle (even if they aren't sandboxed). In OS X, the application doesn't have any more access to the file system than the user does on their own, and the user (generally) won't have permissions to modify anything in /Applications. Note that this is quite different from iOS apps, which normally store their data inside the app bundle.

In OS X, application data is generally stored in each user's Library folder, in one of a number of subfolders depending on the type of data it is; see Apple's note on "The Library Directory Stores App-Specific Files" for the primary ones. Sandboxing complicates this, because each app gets its own Container inside the user's Library. Apple provides a number of methods for determining the correct location for various kinds of data; see "Determining Where to Store Your App-Specific Files".