[macOS] Dashboard receiving events from different unsandoxed apps. #349
Comments
|
Hello @esphynox , Thank you for the very detailed explanation and in depth steps to reproduce and solve the issue. We will look at this next sprint 5/24 - 6/4. This is a very interesting write-up on the intricacies of file system behavior for multiple iOS apps in certain conditions. We will definitely test this ourselves. We will have to consult within our team to recognize the implications of sandboxing an event and if we can actually receive events from sandboxed apps in production. Also, if we intended this as an architectural decision for Amplitude SDKs and if there's a security concern. Dante |
|
Alright, cool. Thanks! |
|
Hi there. I would be really grateful for any updates on this issue. |
|
Hi @esphynox, Thanks for your patient. I'm working on this right now. |
|
Hi there, @yuhao900914. Is there any updates for this issue? |
|
@esphynox |
|
Hello there, are there any updates? |
Expected Behavior
I should receive events only from my application.
Current Behavior
I'm receiving events from other applications using Amplitude iOS SDK on this computer.
I'm not sure, but this might be considered as security issue, since I'm could receive analytics data of other developers?
Possible Solution
Problem
Problem lurking inside function
platformDataDirectoryofAMPUtils.mfile.Thing is following API call:
[NSSearchPathForDirectoriesInDomains(NSLibraryDirectory, NSUserDomainMask, YES) objectAtIndex:0];returns different paths when macOS app is sandboxed and not sandboxed.
When app is sandboxed returned value from this function is:
/Users/<username>/Library/Containers/<app_bundle_identifier>/Data/Librarybut when app isn't sandboxed returned value is:
/Users/<username>/LibraryWhich leads to situation that every app is reading and writing to database located by path
/Users/<username>/Library/com.amplitude.databaseWhen user have no internet, events stacking inside database from all unsandboxed applications and then sent to dashboard.
Possible solutions
I'm not exactly sure what's the best solution to implement in your case, but I see two different approaches two fix this issue.
Solution 1 - Separate DB file for each app
You can add bundle identifier of host application to database filename so it won't collide for different apps.
I guess downside to this approach is that you might need to migrate records from old file to new which might be not an easy task.
Solution 2 - Filter records on send
You can add bundle identifier of host application to each event that is recorded to database. Then when reading those event from database and before sending those events to your backend you can filter them by bundle identifier of host applications so you can exclude unneeded events.
This might be a more hackier approach then previous but still might work.
Steps to Reproduce
Pre-requesites
For correct observation of this issue we need two different apps and two different API keys for SDK. I prepared test application which with few modifications will correctly reproduce this issue. We will change bundle identifier of application so we can emulate two different apps using Amplitude.
Steps
TestViewController.swiftfile and replaceAPI_KEY_1&API_KEY_2strings with correct API keys./Users/<username>/Library/com.amplitude.databasecom.esphynox.AmplitudeTest1tocom.esphynox.AmplitudeTest2./Users/<username>/Library/com.amplitude.databaseAPI_KEY_2and observe that there is twoLaunchevents fromcom.esphynox.AmplitudeTest1andcom.esphynox.AmplitudeTest2applications.Environment
The text was updated successfully, but these errors were encountered: