[Cyberduck-trac] [Cyberduck] #10237: Operation not permitted (connect failed)
Cyberduck
trac at cyberduck.io
Sun Feb 25 10:38:58 UTC 2018
#10237: Operation not permitted (connect failed)
--------------------------+----------------------------
Reporter: jamalahmed82 | Owner: jamal ahmed
Type: defect | Status: new
Priority: highest | Milestone:
Component: appstore | Version: 6.4.1
Severity: major | Resolution:
Keywords: failed | Architecture:
Platform: |
--------------------------+----------------------------
Comment (by dkocher):
Fucked up entitlements for downloaded bundle from Mac App Store.
{{{
codesign -d --entitlements - /Applications/Cyberduck.app/
Executable=/Applications/Cyberduck.app/Contents/MacOS/Cyberduck
??qq?<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.network.server</key>
<true/>
<key>com.apple.security.files.bookmarks.app-scope</key>
<true/>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.bookmarks.document-
scope</key>
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>G69SCX94XU.duck</string>
</array>
<key>com.apple.security.scripting-targets</key>
<dict>
<key>com.apple.systempreferences</key>
<array>
<string>preferencepane.reveal</string>
</array>
</dict>
</dict>
</plist>
}}}
Missing several keys such as
{{{
<key>com.apple.security.network.client</key>
<!-- The ability to open an outgoing connection to another machine
-->
<true/>
}}}
from the original entitlements for the submitted binary
{{{
mellifera:~ dkocher$ codesign -d --entitlements -
~/Downloads/Cyberduck.app/
Executable=/Users/dkocher/Downloads/Cyberduck.app/Contents/MacOS/Cyberduck
??qqn<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
"http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.bookmarks.app-scope</key>
<true/>
<key>com.apple.security.files.bookmarks.document-scope</key>
<true/>
<key>com.apple.security.network.server</key>
<!-- The ability to open a socket for listening. Used for Active
(PORT) FTP data connections -->
<true/>
<key>com.apple.security.network.client</key>
<!-- The ability to open an outgoing connection to another machine
-->
<true/>
<key>com.apple.security.files.downloads.read-write</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>
<key>com.apple.security.print</key>
<!-- The ability to print -->
<true/>
<key>com.apple.security.application-groups</key>
<array>
<string>G69SCX94XU.duck</string>
</array>
<key>com.apple.security.scripting-targets</key>
<dict>
<key>com.apple.systempreferences</key>
<array>
<string>preferencepane.reveal</string>
</array>
</dict>
</dict>
</plist>
}}}
--
Ticket URL: <https://trac.cyberduck.io/ticket/10237#comment:5>
Cyberduck <https://cyberduck.io>
Libre FTP, SFTP, WebDAV, S3 & OpenStack Swift browser for Mac and Windows
More information about the Cyberduck-trac
mailing list