[Sandbox] Don't try to grant access to container

Do not try to grant access to the app's container folder when searching for paths to add. Signed-off-by: Christopher Snowhill <kode54@gmail.com>
2022-06-26 02:58:25 -07:00 · 2022-06-26 02:58:25 -07:00 · 2945de085d
parent c2ef7d0e61
commit 2945de085d
1 changed files with 9 additions and 0 deletions
--- a/Preferences/Preferences/PathSuggester.m
+++ b/Preferences/Preferences/PathSuggester.m
@ -18,6 +18,11 @@
@property(nonatomic) NSURL *_Nullable url;
@end

+static NSURL *containerDirectory(void) {
+	NSString *path = [@"~" stringByExpandingTildeInPath];
+	return [NSURL fileURLWithPath:path];
+}
+
 // XXX this is only for comparison, not "escaping the sandbox"
 static NSURL *pathEscape(NSString *path) {
 	NSString *componentsToRemove = [NSString stringWithFormat:@"Library/Containers/%@/Data/", [[NSBundle mainBundle] bundleIdentifier]];
@ -92,6 +97,8 @@ static NSURL *defaultMoviesDirectory(void) {
 	NSURL *defaultDownloads = defaultDownloadsDirectory();
 	NSURL *defaultMovies = defaultMoviesDirectory();

+	NSURL *container = containerDirectory();
+
 	id sandboxBrokerClass = NSClassFromString(@"SandboxBroker");

 	NSMutableArray *items = [[NSMutableArray alloc] init];
@ -125,6 +132,8 @@ static NSURL *defaultMoviesDirectory(void) {
 		              aSubdirectoryOf:defaultDownloads] ||
 		   [sandboxBrokerClass isPath:url
 		              aSubdirectoryOf:defaultMovies] ||
+		   [sandboxBrokerClass isPath:url
+		              aSubdirectoryOf:container] ||
 		   [sandboxPathBehaviorController matchesPath:url])
 			continue;