Apple Sets March 1st Deadline for Sandboxing Mac App Store Software

| News

Apple sent an alert to developers on Wednesday that sets a deadline of March 1st, 2012 for Mac App Store submissions to be sandboxed. The requirement effects only those apps submitted to the Mac App Store, but it signals an increase in the amount of control Apple intends to exert through its online Mac software download service.

Sandboxing Note

Sandboxing is the name given to the process of limiting software’s access to both system resources and the resources of other software. Sandboxing makes for both a far more secure and far more stable platform, but it also keeps fantastic apps like WireTap Studio from doing something like recording audio from a sandboxed app in Lion, a function that has many legitimate and practical uses.

These kinds of limitations means that for some users, their Macs will be less capable in the future than they are today, all in the name of security and stability.

On the other hand, iOS apps have been sandboxed from the get-go. It’s part of the iPhone’s excellent history of offering superior battery life (current iOS 5 bugs notwithstanding) and of being a very stable device that has been heretofore free of viruses. Apple is working to bring the same benefits to the Mac platform.

As noted in the screenshot above, developers who are in the process of reworking their software to accommodate sandboxing can apply for exemptions, but Apple will eventually phase out those exemptions. As of now, the future of the Mac App Store is a sandboxed world.

Sign Up for the Newsletter

Join the TMO Express Daily Newsletter to get the latest Mac headlines in your e-mail every weekday.

Comments

Jeff Butts

Bryan, would this mean the eventual eradication of the Documents folder, the Pictures folder, etc? Would saved documents all have to be held within the sandbox of the app that created it?

Bryan Chaffin

That could be Apple’s goal. We’ve talked a lot about that internally. We don’t know yet, however, how far Apple wants to take Sandboxing on the Mac.

But it is certainly possible that Apple wants to remove our access to the file system on the Mac the same way it is on iOS, a possibility that has me a bit tense.

Bosco (Brad Hutchings)

Actually, the deadline had been November 1. Many developers using third party development tools were pulling their hair out trying to make things work. There were many crashing bugs in Apple frameworks associated with sandboxed apps.

And what you’ll find right now if you survey serious developers who are dealing with the MAS is a mixture of relief and annoyance. Relief that the deadline got pushed back significantly. Annoyance that they wasted a whole lot of time trying to do something that wasn’t nearly ready for prime time.

I would say this is a prime example of why the platform vendor should not be running the 3rd party software store. The only purpose this sandboxing crap pushes is lock-in of Apple’s 30% commission. It is a real shame that the Mac press doesn’t notice that.

John Martellaro

I foresee a simple solution for me.  I may end up running Fedora inside Parallels Desktop for serious content creation work. And I already use Firefox 7 instead of Safari. A blend of the two OSes may be better than either one alone thanks to Parallels features.

Lee Dronick

Well this story inspired me to create a graphic, well modify one. See http://www.dronick.com/sandbox

Now am I reading this story correctly that all existing apps in the store will eventually be sandboxed and if not they will be pulled?

gnasher729

That could be Apple?s goal. We?ve talked a lot about that internally. We don?t know yet, however, how far Apple wants to take Sandboxing on the Mac.

But it is certainly possible that Apple wants to remove our access to the file system on the Mac the same way it is on iOS, a possibility that has me a bit tense.

Sandboxed applications can access files anywhere. However, they have to use an API that lets the user pick the files to access. So a typical “Open” or “Save” dialog works just fine.

E

This only applies to software loaded via the Mac store, which has hardly been widely embraced by everyone. So, mostly a non-issue. As long as software can be loaded normally (e.g. download, install from CD, etc.), the mac OS will continue to exist as it does now.

Lee Dronick

This only applies to software loaded via the Mac store, which has hardly been widely embraced by everyone.

I am shopping more and more through the App store. I like the convenience, being able to use iTunes prepaid cards, multiple user licensing, the prices, but also because I trust the software. There was a story this week about a trojan hid inside of pirated copies of GraphicConverter. I don’t pirate or use bit torrent sites, but sooner or later someone is going to put a trojan into software that they sell. I pretty much trust Adobe and MicroSoft and other popular software publishers, but I may be tempted to buy something from a stranger.

zewazir

Sandboxing is not a bad idea for system security and stability.  But there should be options for the user to “un"sandbox an application, such as the example given of WireTap Studio, so a user can maximize the capabilities of their applications. If a user is willing to take the risk of lowered security or stability for the convenience of an application automatically accessing other applications or parts of the OS, who is Apple to tell them “no”? Apple can still require developers to justify what other areas their “un"sandbooxed application may access, in order to reduce any hidden malware.

Log-in to comment