Timeline for Mac sandbox entitlements and related

Posted 2019-07-28 06:40

Question:

I understand that the sandbox was introduced in Mac OS X Lion (10.7), but temporary exception entitlements, specifically com.apple.security.temporary-exception.files.home-relative-path.read-write, were introduced in a later 10.7.x update (which one?).

Similarly, security-scoped bookmarks were introduced in 10.7.3.

My Mac app (not currently sandboxed) is a document-based app that creates documents that have references to pictures on users' Macs. Once a user uses some pictures in his document, we simply save the path (e.g. /Users/myname/Desktop/pic.jpg) of the used picture in that document. When a user quits the app and reopens the saved document, our app can simply get access to the picture using the path from the document. Since our app is not sandboxed, this works on all versions: 10.6.x, 10.7.x, and 10.8.x.

We would now like to sandbox our app and ensure that it continues to work on all versions (10.6.x, 10.7.x, and 10.8.x) of Mac OS X. To achieve this, we will:

  1. Ask for a temporary exception entitlement, specifically com.apple.security.temporary-exception.files.absolute-path.read-write, and this will enable random file access for 10.7.3 onwards. But what do we do for 10.7, 10.7.1, and 10.7.2?

  2. Beyond 10.7.3, we will start using security-scoped bookmarks.
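
The approach in step 2, as an added example that is not part of the original post: the document stores security-scoped bookmark data for each picture instead of its path, and resolves it when the document is reopened. The helper names `BookmarkForPicture` and `ReadBookmarkedPicture` are hypothetical. The code assumes the app is sandboxed with `com.apple.security.files.user-selected.read-write` plus `com.apple.security.files.bookmarks.app-scope` (or `.document-scope`), and that the picture URL came from an open panel or a drag, so the sandbox had already granted access when the bookmark was created.

```objectivec
#import <Foundation/Foundation.h>

// Added example (not from the original post). Helper names are hypothetical.

// Create the data to store in the document in place of the raw path.
// pictureURL must originate from a user action (NSOpenPanel, drag and drop);
// a path typed or read from an old document carries no sandbox grant.
// documentURL == nil yields an app-scoped bookmark; passing the document's
// file URL yields a document-scoped bookmark.
static NSData *BookmarkForPicture(NSURL *pictureURL, NSURL *documentURL,
                                  NSError **error) {
    return [pictureURL bookmarkDataWithOptions:NSURLBookmarkCreationWithSecurityScope
                includingResourceValuesForKeys:nil
                                 relativeToURL:documentURL
                                         error:error];
}

// Resolve a stored bookmark and read the picture bytes.
// *needsRefresh is set when the bookmark is stale (file moved or renamed);
// the caller should then create a fresh bookmark and save the document again.
static NSData *ReadBookmarkedPicture(NSData *bookmark, NSURL *documentURL,
                                     BOOL *needsRefresh, NSError **error) {
    BOOL stale = NO;
    NSURL *url = [NSURL URLByResolvingBookmarkData:bookmark
                                           options:NSURLBookmarkResolutionWithSecurityScope
                                     relativeToURL:documentURL
                               bookmarkDataIsStale:&stale
                                             error:error];
    if (needsRefresh != NULL) {
        *needsRefresh = stale;
    }
    if (url == nil) {
        return nil; // could not resolve; *error says why
    }

    // The sandbox extends access only between start and stop, so keep the
    // window as short as the read itself and always balance the calls.
    if (![url startAccessingSecurityScopedResource]) {
        return nil; // access was not granted; treat the picture as missing
    }
    NSData *bytes = [NSData dataWithContentsOfURL:url options:0 error:error];
    [url stopAccessingSecurityScopedResource];
    return bytes;
}
```

Documents saved before sandboxing contain only paths, so each picture has to be re-selected by the user once before a bookmark can be created for it.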