Codeworks implements a level of security by restricting andcontrolling access to your disks. It is important that you understand what it is doing so that you can resonably protected from both buggy and malicious scripts, whether your own or retrieved from the World Wide Web.
Codeworks divides your disks into four areas, each with different levels of security:
1) System Folder - Completely unaccessible from Codeworks
Scripts are not allowed to read, write, create, or delete files or folders in the System Folder. Note that this only covers the System Folder on the startup disk. Other system folders that you may have are not treated specially.
2) Glyphic Folder - Total access is permitted here.
This is the folder that contains the Codeworks application. Scripts can read, write, create and delete files here.
3) Document Folder - Total access is permitted here.
This folder may be selected via the “Set Document Folder...” in the System menu. Scripts can read, write, create and delete files here. The intention is that you can set this folder when you are working on your own scripts. The dialog box that appears when you choose the menu item also has a choice of ‘None’. Choosing ‘None’ causes the previous Document Folder, if any, to be forgotten.
4) The Rest of your Disks - Restricted access.
There are two modes for the remainder of the disk. These two modes are selected from the menu item “Allow File Access...” in the System menu. The two modes are:
Deny: The rest of the disk is unaccessible.
Allow: The rest of the disk readable by scripts. Any attempt of a script to write, create or delete files or folders will result in a dialog asking your confirmation or denial. If you see such a dialog, you should generally deny access unless you fully understand what this script is doing (for example, if you wrote the script yourself.)
Important:
Despite the above restrictions, Codeworks will allow a script any type of access (read, write, create and delete) to a file or folder that you name or pick in a standard file dialog box. Do not choose a file unless you are certain you know what the script is going to do with it.
Glyphic object files (those with the gear & document icon) that are opened with the Finder (via double clicking, drag-n-drop, or the Open menu) are allowed to be readable, no matter where on your disk you place them.
Lastly, Codeworks also monitors the amount of file activity that scripts perform. On every 100th file created, and 100th kilobyte written, a dialog will ask you if you want to proceed. Generally this indicates a run-away script, but at other times it may be normal. For example, if you write a run-away script, and cancel it just before it writes the 100th kilobyte, the very next time you save your work, you will be writing that 100th kilobyte. You will be asked if you want to proceed, which in this case you do.
