Gplus E-mail
 
 
Home » Uncategorized » Applescripts and Mail.app Sandboxing – How to download attachments
formats

Applescripts and Mail.app Sandboxing – How to download attachments

I just updated to OS 10.8 (Mountain Lion) yesterday and immediately face-planted into their sandbox. Any new Mac application distributed in the App Store will have to stay in a tight sandbox, and explicitly request permissions to do things on your computer.

This is great for security, but it also breaks a lot of older things that we used to to in a totally unsecure way, like, for instance, automatically downloading email attachments from Mail.app.

I’m using this post to write down all of the new things I discovered when fixing this problem, since it’s a whole of stuff. The following is my fixed AppleScript code (sorry about the image formatting, you can download the actual script here):


Anyway, the long and short of it is that Mail.app only has permission to save things to the ~/Downloads folder on your computer due to the specific entitlements it’s been granted. You can check which entitlements are granted to any application on your system by typing the following on the command line:

 

mycompy$ codesign -d --entitlements - /Applications/Mail.app/

and the following bit the output is the key part, that allows Mail.app to download attachments there:

 

<true/>
 <key>com.apple.security.files.downloads.read-write</key>
<true/>

For reference, here is a listing of the “entitlements” or specific permissions that are allowed as of July 30, 2012.

 

 

 


				
 
© (c) Ryan E. Guerra 2000-2016
credit