Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
55,026
17,406



Apple today announced that it has extended the deadline for Mac App Store apps to implement sandboxing until June 1. The requirement had been set to go into effect on March 1 after already having been delayed from last November, but continued uncertainty about implementation and its effects on app functionality has caused Apple to again slow down the transition.
We have extended the deadline for sandboxing your apps on the Mac App Store from March 1st to June 1st to provide you with enough time to take advantage of new sandboxing entitlements available in OS X 10.7.3 and new APIs in Xcode 4.3.
We first profiled the sandboxing requirements, which would restrict apps from initiating operations outside of their operational confines, back in November. While users could override the sandboxing with their own commands, compromised apps would be prevented from affecting a user's entire system. But concerns over the effect of the requirement on apps requiring system-wide file access or allowing inter-app scripting have given some pause about how sandboxing should be implemented.

sandboxing.jpg



The issues was revisited earlier this month as the deadline approached, with several developers noting that there were still questions and concerns over how to implement sandboxing in their applications. One developer noted to MacRumors at the time that there were likely to be major issues if Apple were to enforce the requirement on March 1, given lingering bugs and other issues, and Apple has clearly taken those concerns to heart and given itself and developers an additional three months to work through the issues.

Article Link: Apple Extends Deadline for Sandboxing of Mac App Store Apps to June 1
 

baryon

macrumors 68040
Oct 3, 2009
3,701
2,268
Slowly moving towards dumbing down normal applications to just iOS-style "Apps"…

Probably the next step will be that apps can no longer run in the background, except for certain services that Apple deems worthy of multi-tasking, and everything will be full screen so we we'll have to switch between apps all the time.

After that, the keyboard will be removed, and a single button will be added. All further human-computer interaction will be automatically determined by the OS. Human presence will no longer be necessary, as the OS will be able to make better decisions on its own. Soon, computers will rule the world and it will be a better world. For computers.
 

Farthen

macrumors member
Feb 3, 2009
74
5
Germany
Good thing considering the fact there are still a lot of open questions. I am just wondering if they actually decide to deal with those problems and not just push the deadline further and further away. Because sandboxing itself is definitely a good idea.
 

wikus

macrumors 68000
Jun 1, 2011
1,795
2
Planet earth.
Slowly moving towards dumbing down normal applications to just iOS-style "Apps"...

I used to think using a Mac as a graphic designer meant better support for professionals from Apple.

That was 5 years ago before the iPhone. I wonder how long until I switch back to Windows.

ps. LOL @ anyone downranking my comment. as if being a professional and requiring flexibilty was a bad thing. by flexibility, i mean options and choice, two words that make apple very uncomfortable.
 
Last edited:

unplugme71

macrumors 68030
May 20, 2011
2,827
754
Earth
Sandboxing is great. I want a more secure OS. But certain apps need to be allowed to run in the background.

If Apple keeps restricting everything, Windows will succeed even more soley on the fact that alternatives are not 'better'. Further making Microsoft think Windows is so great based on sales, rather than feedback that it sucks but its the only OS that doesn't restrict.
 

Renzatic

Suspended
its actually making OSX more secure and stable.

And thank God for that, huh? Before the sandbox, OSX had, like 50,000,000 viruses, and crashed every 15 minutes.

No wait. That's what everyone says about Windows. Guess we'll have to do some retconning a bit to paint the sandbox in a more positive light. Okay. Here goes. Before the sandbox, OSX had a bunch of viruses and was unstable. Windows? You'd press the button on the computer, and it wouldn't turn on. Ever. Why people paid money for that, I have no idea. OSX just worked...sometimes. Now, with the sandbox, it works all the time. There we go.

Apple does it again!

How does a secure and stable operating system become more secure and stable?

It's securererer now.
 

baryon

macrumors 68040
Oct 3, 2009
3,701
2,268
its actually making OSX more secure and stable.

Probably, but I'd say that OS X is already very stable and doesn't need to be more stable and secure. Over the 3 years that I've used my Mac, I have never longed for more stability and more security: I never had such problems. On the other hand, I'm sure I will miss certain application functions when they'll be removed.

Yes we could argue that you can still download apps from outside, but it's just a matter of time before developers realize how great the app store is and they'll prefer developing one version of their app and go with the compromise rather than miss out on the app store.

I personally want applications to have lots of freedom, since that's the only way you can get around OS limitations and extend OS functions. Sometimes you need that, and you go with the "risk", even though it has never caused problems for me.
 

wikus

macrumors 68000
Jun 1, 2011
1,795
2
Planet earth.
How does a secure and stable operating system become more secure and stable?
Has somebody been lying?

It doesn't. Apple just wants complete control over the entire ecosystem, further proving the resemblance of Apple to Big Brother... ironic, when you think back to 1984 and Apple's commercial.
 

thejadedmonkey

macrumors G3
May 28, 2005
8,748
2,204
Pennsylvania
I used to think using a Mac as a graphic designer meant better support for professionals from Apple.

That was 5 years ago before the iPhone. I wonder how long until I switch back to Windows.

I did it last summer. It takes some adjusting, and I still use my MBP for facebook (facepalm), but it's not bad. Windows 7 is a great OS.
 

macmastersam

macrumors 6502a
Sep 14, 2011
515
0
Essex, england
its pretty neat how theses apps now have to require these after that time date that apple said this feature would come out... would be good for users with older macs, even ppc ones. and also taking into account that mac os takes up a lot of ram (2GB isnt enough for me or mac os!) and also the fact that most of us cant be bothered to max thier mac's ram up to 16GB because it's too damn expensive for both from apple and aftermarket!
 

foobarbaz

macrumors 6502a
Nov 29, 2007
661
1,040
No surprise to me. I consider sandbox-only an empty threat. It's a calculated attempt to get anybody who possible can to move into the sandbox (because otherwise there's really no incentive for the developer to do this).

They did the same thing with "Objective-C only" to scare off Adobe and "same price as outside-app purchases" to drive in-app purchases. Both were somewhat loosened when the deadline arrived.
 

rjohnstone

macrumors 68040
Dec 28, 2007
3,773
4,173
PHX, AZ.
Pretty soon we will have to jailbreak our Macs so we can side load apps. :rolleyes:
There is a fine line between secure and usable.
 

imcquill

macrumors member
Apr 2, 2007
42
0
Everybody complained that 3rd party iOS apps could "steal" address book data. It made headlines on the biggest news sites. But it's been possible forever on OS X (and Windows) due to lack of sandboxing.

I'd like some form of control, unless I say it's ok otherwise. Ask me if an app wants to read my address book. But I'd also like apps to be able to communicate with each other. Hopefully we can have it both ways.
 

Stella

macrumors G3
Apr 21, 2003
8,745
5,999
Canada
Security over a loss of much functionality…

Seems apple is struggling with this themselves. Hopefully they are
Listening to developer concerns. I'm sure Apple will make sand boxing more flexible.
 

Cougarcat

macrumors 604
Sep 19, 2003
7,766
2,553
Hopefully Apple will use the extra months to add more entitlements so Apps won't have to be removed from the App Store.
 

jackrv

macrumors 6502
Jul 14, 2011
300
0
AFAIK, Sandbox requirements (for now, at least) are only applicable to apps in the Mac App Store. Many 3rd Party "Pro" apps, like Avid, Adobe Creative Suite, Autodesk Maya are distributed through separate channels.
 

JohnDoe98

macrumors 68020
May 1, 2009
2,488
99
at the expense of dumbing the app down

You realize the Mac App Store is entirely optional right? If the app doesn't want to be sandboxed, i.e. made safer, then it need not be distributed through the MAS. Nothing is being dumbed down. If your favorite developper drops features to distribute on the MAS, complain to your developer, not Apple for making sandboxing possible for those willing to use it.

"But eventually everything will be forced through the MAS". We'll tackle that when and if it happens. Right now there is no evidence that Apple intends to force the MAS upon developers. They are offering it as an additional service. People complain Apple doesn't give options, but concerning this matter, it is all optional so I don't know what all the fuss is about.
 

haravikk

macrumors 65816
May 1, 2005
1,495
21
I still don't get what the big deal is? I thought that the whole sandboxing thing was done using entitlements, so surely you just break down the app into separate pieces; parts that need extra privileges and parts that don't, the point being to restrict the damage that your app could do if something goes wrong.

The example I always followed was a movie player having two parts; the part that opens and presents the video (the GUI) and the part that actually decodes the video. The GUI/main program has the file privileges so it can open and close stuff, while the decoder has restricted privileges, so any arbitrary code execution fault can't do any damage.

The list of entitlements is here. Is there some restriction against the use of temporary exceptions once the deadline is reached? So long as you're still separating the program sensibly then surely it's okay to have a part with special exceptions so long as its ability to cause mischief is limited?
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.