Sandbox

What is a sandbox?

There are many reasons why the iOS system is more secure than the Android (or Windows) system. One of them is the sandbox mechanism introduced by Apple. Each application has its own corresponding sandbox, and each application cannot access each other. It is not the sandbox of this program. Therefore, the iOS system is safer than other systems, and it is also safer than Windows in terms of memory. Apple’s applications will receive memory when the memory consumption is too high. Warning, if it is not dealt with in time, the application will automatically exit, unlike the Windows system, the virus or Trojan will continue to consume memory until the memory runs out. It can be said that the sandbox mechanism makes the iOS system more secure.

Sandboxing is a security mechanism used to prevent different applications from accessing each other.
Each application in the iOS system has its own corresponding sandbox, and each sandbox is independent of each other and cannot be accessed from each other (without jailbreak).

1) Each app has its own storage space
2) The application cannot climb over its own wall to access the content of other storage spaces
3) The data requested by the application must pass the permission detection. If it does not meet the conditions, it will not be released.

The role of the sandbox is to store data, and each sandbox is equivalent to the system directory of each application.

1) Each application is located in a strictly restricted part of the file system
2) Each application can only read files in the filesystem created for that program
3) Each application is placed in a unified folder directory in the iOS system
4) The essence of the sandbox is a folder whose name is randomly assigned

The sandbox directory contains: Documents, Library, tmp and a xxx.app file

1) Documents: used to store file data in the program, some data generated by the application during runtime that needs to be saved for a long time (such as game progress archive, application personal settings, etc.), when backed up through iTunes, iCloud, will be backed up The data in this directory contains relatively important data.

2) Library contains Caches and Preferences subdirectories

3) Caches: Store cache files, files, or data downloaded from the Internet (such as music cache, picture cache, etc.), the files in this directory will not be automatically deleted when the application exits and the programmer needs to manually clear the changed directory. data. The data in this directory will not be backed up when iTunes and iCloud are backed up. It is mainly used to save the data generated by the application at runtime that needs to be used for a long time. It is generally used to store non-important data with a large volume that does not need to be backed up.
4) Preferences stores the setting data based on NSUserDefaults, and the file format is “plist”. Some functions of the Settings app will look for the corresponding setting information in this directory, and the data in this directory will be backed up when iTunes and iCloud are backed up. This directory is automatically managed by the system and is usually used to store some basic application configuration information. Such as account password, automatic login, etc.

5) tmp: Store some temporary data and files generated when the application is running. When the application exits, the system disk space is insufficient, and the phone is restarted, the data in this directory will be automatically cleared. There is no need for programmers to manually clear the data in this directory, and this directory will not be backed up when iTunes and iCloud are backed up.
6) xxx. app (application package): Contains nib files, pictures, audio, and other resources in the program

There are two ways to view the application sandbox in OS X:

(1) Open the Finder application and open the “Go to Folder” dialog box through the “command+shift+G” shortcut key. The user can enter “/users//library/” in the dialog box so that Access the OS X library directory. Then enter the ApplicationSupport/iPhone Simulator/7.0/Applications subdirectory in this directory. iOS stores all third-party libraries in the Applications directory, and each application is stored in a folder called Globally Unique Identifier (GUID). The GUID folder is the application sandbox.

(2) Enter “defaultwrite com.apple.finder AppleShowAllFiles –bool true” in the OS X system command line window, then exit the Finder, restart the Finder program to see the hidden files folder, so that you can directly enter /users through the Finder //library/Application Support/iPhone Simulator/7.0/Applications directory, you can also see the GUID folders of all third-party applications in this directory.

Open any application’s folder and you will see the following file structure:

(1) Documents: Except for the preference settings based on NSUserDefaults, the data and files of the application are saved in this directory.

(2) Library: The preference parameters based on NSUserDefaults are saved in the Library/Preferences directory.

(3) tmp: This directory supplies applications to store temporary files. When iOS performs synchronization, iTunes will not back up files in the tmp directory. When the application no longer needs a temporary file, it should be responsible for deleting the temporary file in the tmp directory to avoid occupying memory space.

Get the Documents directory
Since our application is located in the GUID folder, the name of this folder looks completely random. Foundation provides the NSSearchPathForDirectoriesInDomains() function. The sample code is as follows:

NSArry *paths =   NSSearchPathForDirectoriesInDomains(NSDocumentDirectory, NSUser DonmainMask,  YES);

NSString *documentsDirectory  = [paths objectAtIndex:0];

get tmp directory
To get the tmp directory, directly call the NSTemporaryDirectory() function, which will return a string that represents the full path of the tmp directory. The sample code is as follows:

NSString *tempPath = NSTemoraryDirectory();

Using the Settings Bundle
The Settings Bundle is a set of special files in the application, which is used for the Settings application that comes with the high-speed iOS. The application hopes to use the Setting application to obtain the mobile phone program parameters.

The biggest advantage of using the SettingBundle to set application parameters is that there is no need for programmers to develop the interface, the application setting interface is completely provided by the Settings application, and the developer only needs to provide the Setting Bundle file.

After the developer provides the SettingBundle for the application, the parameter setting interface of the application is provided by the Settings application of the system, and the program parameters set by the user are also saved by Settings. Every time Settings is opened for setting, Settings is responsible for reading the parameters set by the user. . The Settings application is responsible for the parameter setting interface, data storage, and reading logic of the application.

property list
For applications that only need to save simple data, using a property list is a good choice. NSArray and NSDictionary objects provide the writeToFile: (NSString*) filePath atonically: (BOOL) flag method, which can be included in NSArray and NSDictionary The data is written to the properties file.

When restoring these data, just call the xxxWithContentsOfFile:(NSString*)filePath method of NSArray and NSDictionary to perform initialization.

It should be pointed out that the writeToFile:(NSString*)filePath atomically:(BOOL)flag method can be called to execute the save only after the data contained in NSArray and NSDictionary is written into the property file to save the following types of objects:

(1) NSArray and NSMutableDictionary.

(2) NSDictionary and NSMutableDictionary.

(3) NSData and NSMutableData.

(4) NSString and NSMutableString.

(5) NSValue and NSNumber.

This means that if other types of objects are saved in NSArray and NSDictionary, or instances of programmer-defined classes are saved, the writeToFile: (NSString*) filePath atomically: (BOOL) flag method of NSArray and NSDictionary cannot be called directly to save.

Leave a Comment

Your email address will not be published.

Scroll to Top