iOS Data Protection not working on already installed app - ios

I want to turn on 'Data Protection' in my app. Also, I wanted to check whether it is working with existing apps since I did not use it initially. To test this I used developer provisioning profile. First I installed the previous app (DataProtection is off) in my pass code enabled device and made sure that user's documents are available in the Documents folder. Then I turned on Data Protection in my provisioning profile and rebuilt the app using that new profile. Then I installed it on top of the previous app. Then I locked the device and downloaded the app sandbox using Xcode and noticed that I can access sandbox without any problem. I did it several times, but sandbox is still accessible.
Then I deleted the app and freshly installed the app that I had Data Protection turned on. Then I downloaded the app sandbox and I noticed that all folders in the sandbox including Documents folder are empty.
That means Data protection working only on freshly installed app. Am I doing anything wrong? I want to turn on Data Protection on my existing apps as well. How can I achieve this?

Since I didn't get enough attention to this question I posted it to apple developer forum. What they suggest was after enabling data protection If We are going to update the app (without deleting old app) we should explicitly set data protection for all files including old ones.
So what I did was loop through my document folder and set data protection attribute to all my old files.
Also I set data protection attributes in all places where I create new files. That solves my problem.
So the bottom line is If you are going to enable data protection in your old app better to do it explicitly.

Related

iOS wont delete my App Data after uninstall of MAUI Application

I am using MAUI.Essentials to store data in secure storage.
SecureStorage.SetAsync(key, securedValue);
But uninstalling the Application in android is deleting app data but the same is not working in iOS.
According to this post we need to turn off the backup in iCloud.
I am currently testing in iPhone simulator and under settings I have not logged in to iCloud.
Also I tried below code to manually delete the app data
if (VersionTracking.IsFirstLaunchEver)
{
services.AppCache.Clear();
}
But I don't want to delete it manually.
Any help is appreciated!
Given that (by iOS design) there isn't any way to delete data from iOS secure storage when app is deleted, you'll want a way to detect that there is "obsolete" data there, if the app gets deleted then re-installed.
When you detect this, you can decide whether to ignore or delete that "obsolete" data, so that it isn't visible to the new installation. Thus, it is as if it was not kept (other than the slight waste of storage -- never put anything large into secure storage).
I do this by creating an empty file in app local (not secure) storage, at the same time as saving the data to secure storage.
When app starts up, I check if that empty file exists. If it is not there, then I know anything in secure storage is "obsolete", left over from a previous install of app, so I erase it (if I don't want it to be visible when re-install).
Note that this also handles the case where user goes to Settings, finds the app, and does "Delete Data". Even if they don't uninstall app, the next time it runs, it will act as if it is a new install.
In the Maui official document (Secure storage) wrote:
KeyChain is used to store values securely on iOS devices. The
SecRecord used to store the value has a Service value set to
[YOUR-APP-BUNDLE-ID].microsoft.maui.essentials.preferences.
In some cases, KeyChain data is synchronized with iCloud, and
uninstalling the application may not remove the secure values from
user devices.
You can try to turn off iCloud with a real device, iCloud cannot be used in the simulator. You also can let the app start to call the delete code in your question to determine whether it is the first installation to delete the data in the KeyChain.

Application UUID changes with app update in iOS

I am storing path of downloaded file in sqlite db and when I update the app, its UUID changes but data doesn't get moved to new container. So the path is essentially invalid now. I checked if files still exist using iExplorer and they do.
platform.Is("iOS"){
this.localdirectory = this.file.dataDirectory+filename;
}
else
{
this.localdirectory = this.file.externalDataDirectory+filename;
}
A better approach to store UUIDs that need to be persistent between App installs would be to use the Keychain.
The keychain will not only persist between updates - but also between app installations. In fact - you can even remove the app altogether and it's still there.
Only completely setting up the device from scratch will actually give you a new value.
There is a gotcha (depending on how you build you Keychain domain) that different Provisioning profiles might get a new keychain (but old one still remains).
I do suggest using an open source to manage the keychain itself btw. It's really ... how should I put it ... different than a lot of modern code and conventions.
Also note - you can even use iCloud keychain in case you want to share across devices , and Appgroups to share among apps on the same phone.

iOS, config files and sandboxing

My understanding is that because of sandboxing, it isn't possible to view any text file (ie config file) associated with an iOS app using another app. Something quite simple with Android. Am I mistaken?
I am trying to implement a text config file with a Unity iOS app that gets loaded and parsed once when the application boots.
This config file would also be able to be edited and saved manually on that actual iOS device.
(addendum)
In Unity there is PersistentDataPath which resolves to /var/mobile/Container/Data/Application/foo/Documents
Is there an iOS supported file explorer app that will allow me view and edit files in this location (without jailbreaking)?
Use can check iOS App Groups. It allows multiple apps access to shared containers and allow interprocess communication. There is no so much documentation about this, but maybe that's what you're looking for. At least you can share NSUserDefaults between the apps.
NSUserDefaults it's a most simple way to save any (not big) configurations for your app. For manual editing: if your app on the device signed with developer certificate, you can connect through any iOS supported file explorer app and edit it. But after release, from App Store, your app installed in restricted/private path, so it's not possible, if only you don't have a jailbreak.
Initial configuration you can put into your app bundle, and at the first run just copy them to NSUserDefaults.
Short answer: There are utilities such as iExplorer - https://macroplant.com - that allow "file manager" type access. However...
Long answer: If your app requires users to buy (or get) other software to modify configuration files, the chances of Apple approving it are slim to none.
The appropriate thing to do is to provide a User Interface in your own app which allows the user to modify / update the settings.

Why is a new project with the same app ID still designated a new location?

We have created a new project with the same app ID, but this is designated a different folder in isolated storage. Why is this?
file:///Users/houman/Library/Developer/CoreSimulator/Devices/FBFFFF1E-B5C8-4541-AB4B-ED1657D43EB9/data/Containers/Data/Application/EB3A549F-1604-4E5C-8FBE-3076A3D581E5/Documents/
file:///Users/houman/Library/Developer/CoreSimulator/Devices/FBFFFF1E-B5C8-4541-AB4B-ED1657D43EB9/data/Containers/Data/Application/22E1E792-1F4F-4F05-B7D9-F61AD3624EE9/Documents/
Even though the apps share the same ID.
Since they don’t share the same location, no core data migration can take place.
Any advice please?
Update:
We have two apps in the AppStore and would like to combine the functionality. Hence the idea is to use the appID of the other app to push a new release from a separate project. We have the appID and right certificates, but the isolated storage seems to depend on something else than just appid. Without that a migration of existing data to the new system won't be possible. Alternatively we could copy and paste all files into the other project and go through lots of pain. That might make it possible.
I have seen this on my end - I believe (and could be wrong) that each simulator you run in gets its own folder on the disk. If you switch for iPhone 5 to iPhone 6s for example you may end up with a different folder.
I always actually (when running in the simulator) print out the on-disk location so that I can take a look at the sqlite file if i need to and recently (as of xcode7) i've noticed this directory change between runs - however in my case i tracked it down to changing simulator versions.
Mainly for security reasons. Every iOS application is placed in an application sandbox.
This not only refer to an application's sandbox directory in the file system, granting security by limiting the access to user data stored on the device, system services, and hardware.

Is there a way to not erase the documents directory when uninstalling the app?

I'm developing an AIR app for iPad, and I found that when I uninstall the app, the documents directory data gets erased, is there a way to keep this data even when I delete the app or this behavior is regulated by iOS and there is nothing I can do about it?.
Thanks.
No you cant
From The iOS Environment
For security reasons, iOS places each app (including its preferences and data) in a sandbox at install time. A sandbox is a set of fine-grained controls that limit the app’s access to files, preferences, network resources, hardware, and so on. As part of the sandboxing process, the system installs each app in its own sandbox directory, which acts as the home for the app and its data.
So you delete the application all the content regarding that particular app gets deleted.
as soon app get uninstalled the document directory folder also get deleted with that. Although you will not able to access that folder from other apps so there is no need to keep that.

Resources