Monday, February 20, 2012

Fix the Sandbox

Daniel Jalkut:

To increase adoption, Apple should expand the current list of entitlements until it covers every reasonable behavior that users expect from Mac apps. A good test for this is any app that is currently available in the Mac App Store. Having been approved by Apple’s own reviewers, and purchased by Apple’s own customers, the merit of these apps should be considered implicit. If a Mac App Store app’s reasonable behavior cannot be achieved in the confines of the sandbox, it should be considered a sandboxing bug, and a new entitlement should be added.

I would go even further and say that there should be entitlements to cover applications that are not currently allowed in the Mac App Store. For example, SuperDuper has won two Macworld Eddy awards. It needs full access to the filesystem, but the sandbox could prevent it from accessing the camera, acting as a network server, etc. With the behavior appropriately limited by entitlements, there should be a way for Apple to allow it in the Mac App Store. Likewise for my own SpamSieve, audio utilities from Rogue Amoeba, etc.

Brent Simmons:

I toss all my Mac app ideas that require more than the default sandboxing rules — no matter how cool the idea is.

The sandbox has a chilling effect on at least one developer. I’d be surprised if it were just me.

1 Comment RSS · Twitter


I'd love to see plugins in the app store. Not just mail plugins like SpamSieve but plugins for Aperture, Photoshop, Illustrator and a lot else.

Leave a Comment