search

dotnet / runtime

.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
https://docs.microsoft.com/dotnet/core/
MIT License
14.65k stars 4.57k forks source link

IsolatedStorageFile.GetMachineStoreForApplication() not working on MacOS #89298

Closed kor-ren closed 1 year ago

kor-ren commented 1 year ago

Description

IsolatedStorageFile.GetMachineStoreForApplication() returns a folder in /usr/share/IsolatedStorage/.. which is not writable on MacOS.

The code will throw a System.UnauthorizedAccessException.

Reproduction Steps

using System.IO.IsolatedStorage;

try
{
    IsolatedStorageFile.GetMachineStoreForApplication();
}
catch (Exception e)
{
    Console.Error.WriteLine(e);
}

Expected behavior

A writable folder will be used.

Actual behavior

Used folder is not writable:

Console output from reproduction steps:

Console output:

System.UnauthorizedAccessException: Access to the path '/usr/share/IsolatedStorage/2hwhliu2.t4r/hr5el4nv.lz5' is denied.
 ---> System.IO.IOException: Operation not permitted
   --- End of inner exception stack trace ---
   at System.IO.FileSystem.CreateDirectory(String fullPath)
   at System.IO.Directory.CreateDirectory(String path)
   at System.IO.IsolatedStorage.Helper.GetRandomDirectory(String rootDirectory, IsolatedStorageScope scope)
   at System.IO.IsolatedStorage.Helper.GetRootDirectory(IsolatedStorageScope scope)
   at System.IO.IsolatedStorage.IsolatedStorageFile..ctor(IsolatedStorageScope scope)
   at System.IO.IsolatedStorage.IsolatedStorageFile.GetMachineStoreForApplication()
   at Program.<Main>$(String[] args) in /Users/redected/dev/playground/dotnet/IsolatedStorageBug/Program.cs:line 6

Process finished with exit code 0.

Regression?

No response

Known Workarounds

No response

Configuration

Dotnet Version: 6.0.412 MacOS Version: 13.4.1 (c) Apple M1 Pro (ARM64)

Other information

Protected folders on Apple:

https://support.apple.com/en-us/HT204899

ghost commented 1 year ago

Tagging subscribers to this area: @dotnet/area-system-io See info in area-owners.md if you want to be subscribed.

Issue Details
### Description IsolatedStorageFile.GetMachineStoreForApplication() returns a folder in `/usr/share/IsolatedStorage/..` which is not writable on MacOS. The code will throw a System.UnauthorizedAccessException. ### Reproduction Steps ```csharp using System.IO.IsolatedStorage; try { IsolatedStorageFile.GetMachineStoreForApplication(); } catch (Exception e) { Console.Error.WriteLine(e); } ``` ### Expected behavior A writeable folder will be used. ### Actual behavior Used folder is not writeable: Console output from reproduction steps: Console output: ``` System.UnauthorizedAccessException: Access to the path '/usr/share/IsolatedStorage/2hwhliu2.t4r/hr5el4nv.lz5' is denied. ---> System.IO.IOException: Operation not permitted --- End of inner exception stack trace --- at System.IO.FileSystem.CreateDirectory(String fullPath) at System.IO.Directory.CreateDirectory(String path) at System.IO.IsolatedStorage.Helper.GetRandomDirectory(String rootDirectory, IsolatedStorageScope scope) at System.IO.IsolatedStorage.Helper.GetRootDirectory(IsolatedStorageScope scope) at System.IO.IsolatedStorage.IsolatedStorageFile..ctor(IsolatedStorageScope scope) at System.IO.IsolatedStorage.IsolatedStorageFile.GetMachineStoreForApplication() at Program.
$(String[] args) in /Users/redected/dev/playground/dotnet/IsolatedStorageBug/Program.cs:line 6 Process finished with exit code 0. ``` ### Regression? _No response_ ### Known Workarounds _No response_ ### Configuration Dotnet Version: 6.0.412 MacOS Version: 13.4.1 (c) Apple M1 Pro (ARM64) ### Other information Protected folders on Apple: https://support.apple.com/en-us/HT204899
Author: rekor001
Assignees: -
Labels: `area-System.IO`
Milestone: -
Jozkee commented 1 year ago

As per https://apple.stackexchange.com/a/301978, the problem is because of macOS's SIP, you need to disable it to be able to use Isolated Storage on macOS.

Changing the default path probably is not an option because it would be a breaking change.

kor-ren commented 1 year ago

As per https://apple.stackexchange.com/a/301978, the problem is because of macOS's SIP, you need to disable it to be able to use Isolated Storage on macOS.

Changing the default path probably is not an option because it would be a breaking change.

I understand that changing the default path is not a good idea. In my case I'm not using IsolatedStorage directly. I use a library which uses IsolatedStorage. My software would then only work if I disable SIP. And I have to disable it on production systems too, otherwise I cannot run the application.

Would be nice if there is a configuration parameter to change the default path to a custom prefix. Otherwise IsolatedStorage will never work on a Mac by defualt. Only if SIP is disabled which opens security risks.

Jozkee commented 1 year ago

If you need to unblock you, I wonder if you could temporarily disable SIP and run chown -R youruser /usr/share/IsolatedStorage then enable SIP back.