Mac App Store Sandboxing Requirement Pushed to March as Uncertainty Looms

When Apple launched OS X 10.7 (Lion) to the public in July, most of the media focus was on the user-facing changes, such as the iOS-like Launchpad, or trackpad scrolling direction. In Lion, Apple also made a number of under-the-hood changes in their security model that may start affecting Mac App Store customers in the near future.

sandboxing
Amongst the many new features in Lion, Apple included a more robust sandboxing system that can prevent 3rd party applications from causing unintended damage. In their Lion review, ArsTechnica explains how sandboxing works in general:

Running an application inside a sandbox is meant to minimize the damage that could be caused if that application is compromised by a piece of malware. A sandboxed application voluntarily surrenders the ability to do many things that a normal process run by the same user could do. For example, a normal application run by a user has the ability to delete every single file owned by that user. Obviously, a well-behaved application will not do this. But if an application becomes compromised, it may be coerced into doing something destructive.

Developers of these sandboxed applications must take special measures to break up their application into individual processes that only are able to do exactly what they need. Apple still allows user initiated actions to perform as expected and override the sandbox, but app-initiated actions in sandboxed applications will be restricted. This means that system wide file access and inter-app scripting and interactions will not be allowed.

Apple had originally told developers that sandboxing would become a requirement for Mac App Store apps as of November, 2011. Tonight, however, Apple emailed developers that the Sandboxing requirement will now go into effect on March 1, 2012.

As of March 1, 2012 all apps submitted to the Mac App Store must implement sandboxing.

While sandboxing will increase the security of Mac App Store apps, there have been concerns that the restrictions will stifle features and innovation on the Mac platform.

apps
Mac Apps that may be affected: TextExpander, CoverSutra, Transmit, Fantastical

In October, Macworld published a pair of articles from Jason Snell and Andy Ihnatko expressing their concerns about the new restrictions.

Snell reported that he had heard that some Mac developers will be removing features from their apps or reducing their functionality to fit them in Apple's sandbox.

Not only does this approach risk turning the Mac App Store into a wasteland of arcade games and one-trick-pony apps, it risks dumbing down the Mac app ecosystem as a whole. While developers can always opt out of the Mac App Store, they’re reluctant to do so.

Examples of Mac Apps that will be affected include iTunes controllers (Tagalicious, CoverSutra), inter-app communication (Fantastical), apps that browse the file system (Transmit), system-wide keyboard shortcut utilities (TextExpander), file syncing, and backups utilities.

While Apple is offering developers some short term exceptions to get around sandboxing, the company promises that those exceptions will be temporary. Some developers have said there is a lot of uncertainty around how long Apple will allow these apps in the Mac App Store after the deadline. With the new delay until March, some developers are holding out hope that Apple may be trying to come up with a better solution than simply pulling these apps off the Mac App Store.

As Snell points out, developers can choose to distribute their non-sandboxed apps outside the Mac App Store, but those developers would be giving up a huge distribution point.

Top Rated Comments

arn Avatar
122 months ago
I'm all for sandboxing. If a dev wants to cry about their "innovation" being stifled because their program only affects what it's meant to, then they can go compromise someone else's machine, because I don't want their crap poking around in my files and logging my keystrokes.

I suspect it affects more apps than you realize.

arn
Score: 25 Votes (Like | Disagree)
AppleScruff1 Avatar
122 months ago
One step closer to total Apple control.
Score: 23 Votes (Like | Disagree)
ScottishCaptain Avatar
122 months ago
I would vote for sandboxing with some kind of security mechanism that would permit sandboxed apps to safely interact with other apps and other parts of the OS. This would allow specialized utilities to run without problems or limitations.

I'm sure Apple will provide a way to accomplish this.

What makes you think that?

10.7 is the first step towards the iOS-ification of Mac OS X (not the other way around). Just wait until developers have to resort to retarded hacks to move data between applications because absolutely everything is sandboxed and there's no shared storage between apps.

I swear to god, this walled garden ******** needs to stop. Apple is feeling more like a trash compactor then a green garden filled with wonderful things. Everyone and everything is being crushed into their idea of a perfect platform, and since their vision is ultimately flawed (where your desktop becomes a giant iPad, which is just a giant iPhone)- it's not going to end well for anyone.

-SC
Score: 17 Votes (Like | Disagree)
calderone Avatar
122 months ago
I'm all for sandboxing. If a dev wants to cry about their "innovation" being stifled because their program only affects what it's meant to, then they can go compromise someone else's machine, because I don't want their crap poking around in my files and logging my keystrokes.
That is just it: many apps will no longer be able to do what they are intended to do.
Score: 16 Votes (Like | Disagree)
Mr. Gates Avatar
122 months ago
Whats next ?

Apps no longer utilize the file system ?

Can we just make the iMac a big iPad now ?.....That's really what we all want ...Right ?
Score: 16 Votes (Like | Disagree)
JimAtLaw Avatar
122 months ago
This is pretty sad, and anyone who thinks it will not adversely affect innovation and app functionality is not a developer. Apple is on its way to taking a piece of almost every sale on the platform and strictly controlling what is available to most users - wouldn't surprise me if in a release or two you have to jailbreak your Mac to get anything other than Apple approved content.

The fanbois will of course defend the decision as increasing security on the already-most-secure platform, yadda yadda yadda, but the truth is this is all about making sure Apple gets a huge cut of ISV sales and can control innovation and competition on the platform almost entirely - want to make something Apple wants to do itself or doesn't entirely like? Soon, the vast majority of users will never see or consider it because it won't be on the App Store and Apple will tell them that apps from other places are "not secure."

They may kill the golden goose with this idiocy, and if so, will richly deserve it.
Score: 15 Votes (Like | Disagree)

Top Stories

2021 mbp sd slot feature2

Kuo: New MacBook Pro Models With HDMI Port and SD Card Reader to Launch Later This Year

Monday February 22, 2021 8:52 pm PST by
Apple plans to release two new MacBook Pro models equipped with an HDMI port and SD card reader in the second half of 2021, according to analyst Ming-Chi Kuo, who outlined his expectations in a research note obtained by MacRumors. The return of an SD card reader was first reported by Bloomberg's Mark Gurman last month. "We predict that Apple's two new MacBook Pro models in 2H21 will have...
m1 mac mini

M1 Mac Users Report Excessive SSD Wear

Tuesday February 23, 2021 7:07 am PST by
Over the past week, some M1 Mac users have been reporting alarming SSD health readings, suggesting that these devices are writing extraordinary amounts of data to their drives (via iMore). Across Twitter and the MacRumors forums, users are reporting that M1 Macs are experiencing extremely high drive writes over a short space of time. In what appear to be the most severe cases, M1 Macs are sai...
iphone 12 pro display video

BOE Rumored to Supply iPhone 13 Display Panels After iPhone 12 Failures

Monday February 22, 2021 9:54 am PST by
Display manufacturer BOE will be one of the main suppliers of OLED panels for iPhone 13 models, according to a new report today from Taiwan's Economic Daily News. BOE is said to be working with touch panel manufacturer General Interface Solution (GIS), part of the Hon Hai Group to develop OLED panels. Multiple iPhone 12 rumors suggested that BOE would supply some panels for the devices,...
mac security privacy

Apple Takes Step to Prevent Further Spread of 'Silver Sparrow' Malware on Macs

Monday February 22, 2021 6:13 am PST by
Over the weekend, we reported on the second known piece of malware compiled to run natively on M1 Macs. Given the name "Silver Sparrow," the malicious package is said to leverage the macOS Installer JavaScript API to execute suspicious commands. After observing the malware for over a week, however, security firm Red Canary did not observe any final payload, so the exact threat to users remains a...
jon prosser imac 2021colors

Prosser: 2021 iMac to Come in Five Colors, Apple Silicon Mac Pro to Resemble 'Stacked' Mac Minis

Wednesday February 24, 2021 7:26 am PST by
Hit-and-miss leaker Jon Prosser has today alleged that the upcoming 2021 iMac models will offer five color options, mirroring the colors of the fourth-generation iPad Air, and revealed a number of additional details about the Mac Pro with Apple Silicon. In a new video on YouTube channel FrontPageTech, Prosser explained that the redesigned iMacs will come featuring options for Silver, Space ...
whatsapp privacy banner

WhatsApp Reveals What Happens to Users Who Don't Agree to Upcoming Privacy Policy Changes

Sunday February 21, 2021 1:11 am PST by
WhatsApp has revealed how it will gradually limit the features available to accounts held by users who do not accept the platform's impending privacy policy changes, due to come into effect on May 15. WhatsApp's new banner explaining the privacy policy changes According to an email seen by TechCrunch to one of its merchant partners, WhatsApp said it will "slowly ask" users who have not yet...
new airpods leaked image 52audios

Alleged Leaked Image Claims to Show Third-Generation AirPods and Case

Sunday February 21, 2021 2:49 am PST by
A new image claims to offer our first real world look at Apple's next-generation AirPods. The image, shared by 52audio, showcases both AirPods and the charging case for what the site claims to be the third iteration of the wireless earbuds. 52audio has in the past shared images claiming to showcase different parts of the third-generation AirPods. Most notably, the site in November shared...
anker magsafe powercore battery pack

Anker Releases MagSafe-Compatible Battery Pack for iPhone 12 Lineup

Tuesday February 23, 2021 7:49 am PST by
Following rumors that Apple is working on a MagSafe battery pack for iPhone 12 models, popular accessory maker Anker has beaten Apple to the punch with the release of its PowerCore Magnetic 5K Wireless Power Bank. First previewed at CES 2021, the PowerCore battery pack magnetically attaches to the back of any iPhone 12 model and provides 5W of wireless charging. With a 5,000 mAh capacity,...
iPad Pro Mini LED

New iPad Pro and MacBook Models With Mini-LED Displays Again Rumored to Launch This Year

Monday February 22, 2021 9:32 pm PST by
Taiwanese company Ennostar will begin production of Mini-LED backlight units for an upcoming 12.9-inch iPad Pro in the late first quarter or second quarter of this year, according to industry sources cited by DigiTimes. Ennostar is a holding company that was jointly established in January 2021 by LED-related manufacturers Epistar and Lextar Electronics. Apple is expected to unveil the new ...
14

iOS 14.5 to Make Zero-Click Attacks 'Significantly Harder'

Monday February 22, 2021 9:05 am PST by
Apple's impending iOS and iPadOS 14.5 update will make zero-click attacks considerably more difficult by extending PAC security provisions, according to Motherboard. Apple has made a change to the way in which it secures its code in the latest betas of iOS 14.5 and iPadOS 14.5 to make zero-click attacks much harder. The change, spotted by security researchers, has now been confirmed by...