Archive for October 2, 2011

Sunday, October 2, 2011

App Sandboxing Risks Eroding the Mac’s Identity

Andy Ihnatko:

It took me a few weeks to realize something: the whole point of sandboxing is to isolate all of the processes running in your system, and prevent any one of them from interacting in any way with any other process. Annnnd… controlling all of the apps and functions on your Mac is the whole point of Mac OS X’s automation features.

Can AppleScript and Automator have any future on an operating system where every app is surrounded by an impenetrable steel shell of distrust?

That question is seeming more and more rhetorical.

Recently I had an idea for a tool that would make my life much easier and it required some scripting of the Preview app. In all my years of avid scripting, I’ve never done anything with that app before and so it came as a surprise when I tried to open its dictionary with the AppleScript editor and I discovered that it had none.

This has long struck me as a strange omission. Preview could be an example of how great Mac OS X scripting is, but it doesn’t even support the most basic AppleScript features that are built into the Cocoa frameworks. (There’s a way to enable the default window and document scripting support, if you don’t mind replacing Apple’s code signature with yours.) The excellent PDFpen is scriptable, but Preview does lots more than handle PDFs.

The App Culture

Jason Snell:

Not only does this approach risk turning the Mac App Store into a wasteland of arcade games and one-trick-pony apps, it risks dumbing down the Mac app ecosystem as a whole. While developers can always opt out of the Mac App Store, they’re reluctant to do so. Not only are they afraid that Apple will one day make new Macs unable to run apps that don’t come from the App Store, but they realize that if their competitors are in the Mac App Store, they risk losing sales. It’s generally too expensive to develop two separate versions of an app, so the net result of tighter App Store restrictions could be that Mac apps everywhere—on and off the store—will actually become less powerful.

Not widely discussed so far is the huge gulf between the theory of the sandbox and the reality. It would be great to be able to buy a utility like SuperDuper from the Mac App Store, but we all understand why that doesn’t fit Apple’s rules. Yet there is also a large class of applications that are well-behaved and could fit in with the idea of what the sandbox is trying to accomplish, but that fall victim to bugs and limitations of the current sandbox implementation. Apple has in recent history done a good job of dogfooding and providing for gradual transitions. The app sandbox is a notable exception. Not only is it not ready for prime time, but the mechanics of the transition remain a secret. We’re now less than a month from November. Many developers have in good faith tried to adopt sandboxing, filed bugs, and there has been virtually no response.

It’s not even a question of opting out. What happens if an application that’s already in the Mac App Store can’t be sandboxed? People have already bought it, and they expect fixes and updates. Apple changed the rules, but developers will get the fallout.