Hey Vijay, great question—let’s break this down clearly for you:

1. 沙盒应用是否可以使用FileSystem Events？ #

Absolutely yes! FileSystem Events (FSEvents) is fully supported in sandboxed macOS apps. You can use the standard FSEvents API (like FSEventStreamCreate in Objective-C/Swift, or the higher-level FileMonitor in SwiftUI/AppKit) just like you would in a non-sandboxed app, as long as you’re working within the sandbox’s access rules.

2. 能否监控任意目录？ #

Here’s the catch: you cannot monitor arbitrary directories in a sandboxed app—sandbox restrictions prevent this for security reasons. Your app can only monitor directories it has explicit access to, which includes:

• The app’s own container directory (e.g., ~/Library/Containers/[YourAppBundleID]/Data/)
• Directories the user has explicitly granted access to via an Open/Save dialog
• Directories you’ve requested persistent access to using Security-scoped bookmarks (after the user first grants access via a dialog)
• System-wide directories you’ve declared entitlement for (like Downloads, Documents, or Pictures—you need to add the corresponding sandbox entitlements in your Xcode project)

If you try to set up an FSEvents stream for a directory your app doesn’t have access to, the stream will either fail to initialize or won’t receive any events for that path.

Quick Example Context #

Suppose you want to monitor the user’s Downloads folder:

1. Add the com.apple.security.files.user-selected.read-write entitlement (or the specific com.apple.security.files.downloads.read-write entitlement if you only need Downloads) to your app’s sandbox settings.
2. Use FSEvents to create a stream targeting the Downloads path—this will work because the sandbox now allows access.

If you need to monitor a custom folder the user picks, you’ll need to prompt them to select it via an NSOpenPanel, then create a security-scoped bookmark to retain access across app launches, and then attach your FSEvents stream to that path.

内容的提问来源于stack exchange，提问作者vijay