From 6f126f4857d8bc3b1ee4e9c45ac7f522e32c6332 Mon Sep 17 00:00:00 2001 From: Christopher Snowhill Date: Tue, 28 Jun 2022 22:58:57 -0700 Subject: [PATCH] [Sandbox] Reduce entitlements granted by default Since App Store approval decided these suddenly matter. Signed-off-by: Christopher Snowhill --- Cog.entitlements | 6 --- Preferences/Preferences/PathSuggester.m | 47 ++----------------- Utils/SandboxBroker.m | 62 ------------------------- 3 files changed, 3 insertions(+), 112 deletions(-) diff --git a/Cog.entitlements b/Cog.entitlements index 56e8557bd..2cd7845d7 100644 --- a/Cog.entitlements +++ b/Cog.entitlements @@ -4,14 +4,8 @@ com.apple.security.app-sandbox - com.apple.security.assets.movies.read-only - - com.apple.security.assets.music.read-only - com.apple.security.cs.allow-jit - com.apple.security.files.downloads.read-only - com.apple.security.files.user-selected.read-write com.apple.security.network.client diff --git a/Preferences/Preferences/PathSuggester.m b/Preferences/Preferences/PathSuggester.m index 5f39e0e21..b0c7661fa 100644 --- a/Preferences/Preferences/PathSuggester.m +++ b/Preferences/Preferences/PathSuggester.m 
@@ -24,35 +24,6 @@ @property(nonatomic) NSURL *_Nullable url; @end -static NSURL *containerDirectory(void) { - NSString *path = [@"~" stringByExpandingTildeInPath]; - return [NSURL fileURLWithPath:path]; -} - -// XXX this is only for comparison, not "escaping the sandbox" -static NSURL *pathEscape(NSString *path) { - NSString *componentsToRemove = [NSString stringWithFormat:@"Library/Containers/%@/Data/", [[NSBundle mainBundle] bundleIdentifier]]; - NSRange rangeOfMatch = [path rangeOfString:componentsToRemove]; - if(rangeOfMatch.location != NSNotFound) - path = [path stringByReplacingCharactersInRange:rangeOfMatch withString:@""]; - return [NSURL fileURLWithPath:path]; -} - -static NSURL *defaultMusicDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSMusicDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - -static NSURL *defaultDownloadsDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSDownloadsDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - -static NSURL *defaultMoviesDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSMoviesDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - @interface PathItem : NSObject @property(nonatomic, strong) NSString *path; @property(nonatomic) BOOL enabled; @@ -99,12 +70,6 @@ static NSURL *defaultMoviesDirectory(void) { if(!results || [results count] < 1) return; - NSURL *defaultMusic = defaultMusicDirectory(); - NSURL *defaultDownloads = defaultDownloadsDirectory(); - NSURL *defaultMovies = defaultMoviesDirectory(); - - NSURL *container = containerDirectory(); - id sandboxBrokerClass = NSClassFromString(@"SandboxBroker"); NSMutableArray *items = [[NSMutableArray alloc] init]; 
@@ -125,7 +90,8 @@ static NSURL *defaultMoviesDirectory(void) { // Add other system paths to this setting NSString *fileTreePath = [[NSUserDefaults standardUserDefaults] stringForKey:@"fileTreeRootURL"]; if(fileTreePath && [fileTreePath length]) { - [array addObject:[NSURL URLWithString:fileTreePath]]; + // Append false name to dodge the directory/fragment trimmer + [array addObject:[NSURL URLWithString:[fileTreePath stringByAppendingPathComponent:@"moo.mp3"]]]; } NSString *soundFontPath = [[NSUserDefaults standardUserDefaults] stringForKey:@"soundFontPath"]; @@ -135,14 +101,7 @@ static NSURL *defaultMoviesDirectory(void) { for(NSURL *fileUrl in array) { NSURL *url = [sandboxBrokerClass urlWithoutFragment:fileUrl]; - if([sandboxBrokerClass isPath:url aSubdirectoryOf:defaultMusic] || - [sandboxBrokerClass isPath:url - aSubdirectoryOf:defaultDownloads] || - [sandboxBrokerClass isPath:url - aSubdirectoryOf:defaultMovies] || - [sandboxBrokerClass isPath:url - aSubdirectoryOf:container] || - [sandboxPathBehaviorController matchesPath:url]) + if([sandboxPathBehaviorController matchesPath:url]) continue; NSArray *pathComponents = [url pathComponents]; diff --git a/Utils/SandboxBroker.m b/Utils/SandboxBroker.m index b53024f65..005db67f8 100644 --- a/Utils/SandboxBroker.m +++ b/Utils/SandboxBroker.m 
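Review bot: The added `[fileTreePath stringByAppendingPathComponent:@"moo.mp3"]` applies an NSString path method to what the `fileTreeRootURL` key suggests is a URL string; that method is documented for file paths only and can collapse the `//` after the scheme. `+URLWithString:` also returns nil for a malformed stored value, and `addObject:` would then raise if `array` is an NSMutableArray, a risk the new line inherits from the old one. Building the URL first and guarding it avoids both: `NSURL *root = [NSURL URLWithString:fileTreePath];` followed by `if(root) [array addObject:[root URLByAppendingPathComponent:@"moo.mp3"]];`. The comment could also name the trimmer it works around (presumably `urlWithoutFragment:`, called in the loop below), since the placeholder file name is otherwise surprising. The enclosing method starts and ends outside the hunk.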
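Review bot: Dropping the `aSubdirectoryOf:container` test from this condition goes beyond the entitlement removal, because a sandboxed app can always reach its own container without an entitlement or a bookmark. With only `[sandboxPathBehaviorController matchesPath:url]` left, paths inside the container would presumably be offered as suggestions that need a user grant. The same applies to the `recursivePathTest:` hunk in Utils/SandboxBroker.m, where the static container entry is removed together with the Music, Downloads and Movies ones. If that is intended, a comment such as `// Container paths are no longer special-cased; they need a stored bookmark like any other path` would record it; otherwise keep the container check in both places. The enclosing loop and method continue outside the hunk.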
@@ -17,40 +17,6 @@ #import "PlaylistController.h" -static NSURL *_containerDirectory = nil; -static NSURL *_defaultMusicDirectory = nil; -static NSURL *_defaultDownloadsDirectory = nil; -static NSURL *_defaultMoviesDirectory = nil; - -static NSURL *containerDirectory(void) { - NSString *path = [@"~" stringByExpandingTildeInPath]; - return [NSURL fileURLWithPath:path]; -} - -// XXX this is only for comparison, not "escaping the sandbox" -static NSURL *pathEscape(NSString *path) { - NSString *componentsToRemove = [NSString stringWithFormat:@"Library/Containers/%@/Data/", [[NSBundle mainBundle] bundleIdentifier]]; - NSRange rangeOfMatch = [path rangeOfString:componentsToRemove]; - if(rangeOfMatch.location != NSNotFound) - path = [path stringByReplacingCharactersInRange:rangeOfMatch withString:@""]; - return [NSURL fileURLWithPath:path]; -} - -static NSURL *defaultMusicDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSMusicDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - -static NSURL *defaultDownloadsDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSDownloadsDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - -static NSURL *defaultMoviesDirectory(void) { - NSString *path = [NSSearchPathForDirectoriesInDomains(NSMoviesDirectory, NSUserDomainMask, YES) lastObject]; - return pathEscape(path); -} - static SandboxBroker *kSharedSandboxBroker = nil; @interface SandboxEntry : NSObject { @@ -69,7 +35,6 @@ static SandboxBroker *kSharedSandboxBroker = nil; @property NSInteger refCount; - (id)initWithToken:(SandboxToken *)token; -- (id)initWithStaticURL:(NSURL *)url; @end @implementation SandboxEntry 
@@ -84,17 +49,6 @@ static SandboxBroker *kSharedSandboxBroker = nil; return obj; } -- (id)initWithStaticURL:(NSURL *)url { - SandboxEntry *obj = [super init]; - if(obj) { - obj->_refCount = 1; - obj->_secureUrl = nil; - obj->_token = nil; - obj->_path = [url path]; - } - return obj; -} - - (NSInteger)refCount { return _refCount; } @@ -193,22 +147,6 @@ static SandboxBroker *kSharedSandboxBroker = nil; - (SandboxEntry *)recursivePathTest:(NSURL *)url { SandboxEntry *ret = nil; - static dispatch_once_t onceToken; - dispatch_once(&onceToken, ^{ - _containerDirectory = containerDirectory(); - _defaultMusicDirectory = defaultMusicDirectory(); - _defaultDownloadsDirectory = defaultDownloadsDirectory(); - _defaultMoviesDirectory = defaultMoviesDirectory(); - }); - - NSArray *urls = @[_containerDirectory, _defaultMusicDirectory, _defaultDownloadsDirectory, _defaultMoviesDirectory]; - - for(NSURL *checkUrl in urls) { - if([SandboxBroker isPath:url aSubdirectoryOf:checkUrl]) { - return [[SandboxEntry alloc] initWithStaticURL:checkUrl]; - } - } - NSPersistentContainer *pc = [SandboxBroker sharedPersistentContainer]; NSSortDescriptor *sortDescriptor = [NSSortDescriptor sortDescriptorWithKey:@"path.length" ascending:NO];