[Cyberduck-trac] [Cyberduck] #10237: Operation not permitted (connect failed)

Cyberduck trac at cyberduck.io
Sun Feb 25 10:38:58 UTC 2018


#10237: Operation not permitted (connect failed)
--------------------------+----------------------------
 Reporter:  jamalahmed82  |         Owner:  jamal ahmed
     Type:  defect        |        Status:  new
 Priority:  highest       |     Milestone:
Component:  appstore      |       Version:  6.4.1
 Severity:  major         |    Resolution:
 Keywords:  failed        |  Architecture:
 Platform:                |
--------------------------+----------------------------

Comment (by dkocher):

 Fucked up entitlements for downloaded bundle from Mac App Store.

 {{{
 codesign -d --entitlements - /Applications/Cyberduck.app/
 Executable=/Applications/Cyberduck.app/Contents/MacOS/Cyberduck
 ??qq?<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
 "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
         <dict>
                 <key>com.apple.security.network.server</key>
                 <true/>

                 <key>com.apple.security.files.bookmarks.app-scope</key>
                 <true/>

                 <key>com.apple.security.app-sandbox</key>
                 <true/>

                 <key>com.apple.security.files.bookmarks.document-
 scope</key>
                 <true/>

                 <key>com.apple.security.application-groups</key>
                 <array>
                         <string>G69SCX94XU.duck</string>
                 </array>

                 <key>com.apple.security.scripting-targets</key>
                 <dict>
                         <key>com.apple.systempreferences</key>
                         <array>
                                 <string>preferencepane.reveal</string>
                         </array>

                 </dict>

         </dict>
 </plist>
 }}}

 Missing several keys such as

 {{{
         <key>com.apple.security.network.client</key>
         <!-- The ability to open an outgoing connection to another machine
 -->
         <true/>

 }}}

 from the original entitlements for the submitted binary


 {{{
 mellifera:~ dkocher$ codesign -d --entitlements -
 ~/Downloads/Cyberduck.app/
 Executable=/Users/dkocher/Downloads/Cyberduck.app/Contents/MacOS/Cyberduck
 ??qqn<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
 "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
     <dict>
         <key>com.apple.security.app-sandbox</key>
         <true/>
         <key>com.apple.security.files.bookmarks.app-scope</key>
         <true/>
         <key>com.apple.security.files.bookmarks.document-scope</key>
         <true/>
         <key>com.apple.security.network.server</key>
         <!-- The ability to open a socket for listening. Used for Active
 (PORT) FTP data connections -->
         <true/>
         <key>com.apple.security.network.client</key>
         <!-- The ability to open an outgoing connection to another machine
 -->
         <true/>
         <key>com.apple.security.files.downloads.read-write</key>
         <true/>
         <key>com.apple.security.files.user-selected.read-write</key>
         <true/>
         <key>com.apple.security.print</key>
         <!-- The ability to print -->
         <true/>
         <key>com.apple.security.application-groups</key>
         <array>
             <string>G69SCX94XU.duck</string>
         </array>
         <key>com.apple.security.scripting-targets</key>
         <dict>
             <key>com.apple.systempreferences</key>
             <array>
                 <string>preferencepane.reveal</string>
             </array>
         </dict>
     </dict>
 </plist>
 }}}

--
Ticket URL: <https://trac.cyberduck.io/ticket/10237#comment:5>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows


More information about the Cyberduck-trac mailing list