App Sandbox
Restrict access to system resources and user data in macOS apps to contain damage if an app becomes compromised.
Overview
App Sandbox provides protection to system resources and user data by limiting your app’s access to resources requested through entitlements.
Topics
Essentials
App Sandbox EntitlementProtecting user data with App SandboxEmbedding a command-line tool in a sandboxed appDiscovering and diagnosing App Sandbox violations
Network
Hardware
Camera entitlementcom.apple.security.device.microphonecom.apple.security.device.usbcom.apple.security.printcom.apple.security.device.bluetooth
App Data
File Access
Accessing files from the macOS App SandboxMigrating your app’s files to its App Sandbox containercom.apple.security.files.user-selected.read-onlycom.apple.security.files.user-selected.read-writecom.apple.security.files.downloads.read-onlycom.apple.security.files.downloads.read-writecom.apple.security.assets.pictures.read-onlycom.apple.security.assets.pictures.read-writecom.apple.security.assets.music.read-onlycom.apple.security.assets.music.read-writecom.apple.security.assets.movies.read-onlycom.apple.security.assets.movies.read-writeAll files entitlementNSAppDataUsageDescription