Using /dev/stdout in a sandboxed app

Graham Cox

Hi all,

In my app I use NSTask to launch a copy of ffmpeg as a child process to do some work in the background on a video stream.

I pass parameters to this task via the command line arguments through NSTask. One of the arguments is where to send its ‘progress’ output, which I direct to /dev/stdout, which in turn I open as a file handle so my app receives these notifications. I parse what comes back to update my UI in various ways.

This all works fine when the app is built unsandboxed.

When it is sandboxed, the NSTask fails to launch because it doesn’t have permission to open /dev/stdout

I’m wondering how to deal with this. If I just create a URL for /dev/stdout and then call -startAccessingSecurityScopedResource on it, that has no effect, but it’s probably naive to think it would. The launched task is responsible for opening the stream, and I have no idea what exactly it does to do that anyway - it’s all internal to ffmpeg.

Can this even be done in a sandboxed app?


Join { to automatically receive all group messages.