Hello 👋
Our team added com.apple.security.temporary-exception.apple-events: com.apple.Terminal recently to our Mac app to be able to tell the terminal to execute a specific command line automatically for the user when clicking a button but we've been rejected during review because of this entitlement so for now we've deleted it and deleted the associated feature. It concerns the following feature (see attachment).
Context: Among other things the application enable to review pull request changes (remote) and we would like a button to automatically clone the pull request on disk when user click a button. We would like to use terminal for security reason as when cloning using git command we need ssh keys or other credential and there's no reason (rather than technical ones) that the user provide us such private information that is stored in the ~/.ssh. We prefer think the other way around and tell the user what to execute instead (no credentials involved or shared).
I admit it's unclear for me if this will imply a 100% rejection or if these entitlements are deprecated.
- Is "com.apple.security.temporary-exception.apple-events: com.apple.Terminal" an entitlement that is reserved for special Apple partners ?
- Is it an entitlement that we should demonstrate usage first ? Or should we completely remove the feature if we distribute through the App Store ?
- Is Apple advice for other APIs to develop such features (execute command line for the user) when distributing through the App Store ?
As said we've disabled the feature for now.
Thank you in advance for those who will take time to answer this,
Thanks for opening a forums thread about this.
Lemme start with this bit:
I admit it's unclear for me if this will imply a 100% rejection or if these entitlements are deprecated.
Well, it’s neither (-: The App Sandbox Resources post has links to:
- This post, which explains the nuances
- The Case for Sandboxing a Directly Distributed App, which explains why temporary exception entitlements are super useful outside of the App Store
Regarding your specific issue, I don’t work for App Review, and thus can’t make definitive statements on their behalf, but I expect that you’re not going to be able to convince them to let you use the com.apple.security.temporary-exception.apple-events entitlement, especially if it targets Terminal. Such an entitlement in tantamount to shipping a non-sandboxed app, because whatever restriction you hit you could tell Terminal to bypass them.
As to what you should do, my general advice for folks in your situation is to add a general-purpose script attachment feature. Then, if the user wants your app to integrate with their default Git setup, they can add a script that does that.
I’ve explained this idea many times previously, so I decided to write it down: Implementing Script Attachment in a Sandboxed App
I want to stress that this is not meant to be a generic sandbox bypass mechanism, and if you approach it as such then I wouldn’t be surprised if you encounter App Review problems. Rather, think of it as a general way for the user to integrate interesting workflows into your app. That’s good for your user, and good for you. Be creative!
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"