Bike Document Security

I keep confidential (e.g., customer-related) data in a special encrypted .dmg volume.

Whenever I store documents from a new app there, I want to understand the possible exposures with caches, etc. held outside of the encrypted volume.

Can you give me any help understanding this with Bike? I see there are lots of files saved in ~/Library/Containers/com.hogbaysoftware.Bike. Is there anything there or elsewhere that I need to be concerned might expose data from my Bike documents?


Bike is a sandboxed and document based app.

Both are closed source Apple provided technologies that many apps use and that I don’t fully understand.

The sandbox technology, among other things, limits the possibilities for these sorts of caches. Bike can’t read/write data anywhere outside it’s container except for specific files that you have chosen (document files). So any caches should be limited to that folder. I’m not writing any caches myself, but Apple frameworks are…

The document based aspect of Bike does mean that some caches are made. In particular I know that autosave and versions save caches. How those technologies are implemented by Apples code I’m not certain (and I imagine it can change), but this article has an overview of what they do.

1 Like

Thanks–this was helpful.

It looks like the autosaved versions are kept in a directory at the root level of the drive hosting the document–which is the encrypted drive in this case and thus is fine.

I have a cleanup script that runs at the end of the day that was already cleaning up the caches for OmniOutliner and TaskPaper. I’ve added the cache for Bike.

So I think I’m good. Thanks again.

1 Like

Just be careful that you have saved before the cleanup script runs. The behavior has changed over the years (I think, maybe), but at one point I think it was possible that:

  1. You could quit a document based app that had changes
  2. You would not be asked to save those changes, because they were autosaved
  3. Next time you start app the autosaved changes would load

I’m not certain how it works now, but I would test a few scenarios before deleting those autosave files just to make sure you don’t lose data.

Yup. I don’t run the cleanup script when any of the apps it covers are active. And it doesn’t touch the saved versions (since they’re safe anyway–kept on the encrypted volume), just the caches.

The cache setup appears to be almost identical to OmniOutliner, which I’ve been running the script on for years.

Good :slight_smile: Yeah, the cache setup should be the same as pretty much any macOS document based app. Again this logic and code is all provided by Apple frameworks, not Bike.