@rosyna @drewthaler Even for things that would never be approved in the Mac App Store, so that every Developer ID app can be sandboxed.
@rosyna @drewthaler If that sort of thing is a major concern, Apple should offer lots more entitlements.
@rosyna In terms of actual problems affecting Mac users, I read a lot more stories about bugs and bad apps than this type of exploit.
@drewthaler @rosyna Agreed.
@rosyna I’m familiar with that, but it seems like a relatively small risk compared with plain bugs (like Adobe’s) and malicious apps.
@rosyna But, aside from your example of Flash, where is the code that’s exploiting these bugs?
@rosyna So you’re saying that the reason the Mac App Store requires sandboxing is to protect against Flash, which most apps don’t use?
@rosyna Where is that code running? And why wouldn’t it also be able to make the app ask the user which files to destroy, as you say?
@rosyna Macworld and others have reported it’s to protect against malicious apps that made it through App Review: macworld.com/article/293723…
@rosyna Apple’s docs says "Enable App Sandbox to Minimize Damage from Malicious Code". developer.apple.com/library/mac/do…
@rosyna I’m not sure how the original reason the technology was developed is relevant to the policy decision about using it now.