Apple: Mac apps must be sandboxed
Apple is cranking up security for its computers by making sandboxing compulsory for all apps sold in the Mac App Store.
The rule was set to come into force this month, but in a message sent to developers the company said the rule would now come into effect next March.
“The vast majority of Mac users have been free from malware and we’re working on technologies to help keep it that way,” the company said. “As of 1 March 2012 all apps submitted to the Mac App Store must implement sandboxing.”
The company said sandboxing – where code runs in isolation to protect other applications – was a “way to protect systems and users by limiting the resources apps can access and making it more difficult for malicious software to compromise users’ systems”.
There will be less excitement about the diminished functionality of apps whose features don’t fit nicely into the sandbox confines
However, given Apple’s perceived heavy-handed approach to developers in the past, app creators are concerned that the sandbox innovation could be forced upon them with little flexibility and could inhibit development.
“I’m really excited about sandboxing and also really terrified,” said Daniel Jalkut, founder of Red Sweater Software in a blog post when the idea was first raised.
“Apple has given us, thus far, a limiting set of entitlements that don’t quite cover everything that reasonable apps want to do,” he wrote. “Apple would have a lot more developer enthusiasm for this feature if it wasn’t so clear that apps will be forced to lose features in order to adopt sandboxing.”
“While users may be happy about the prospects of improved security with the sandbox, I think there will be less excitement about the diminished functionality of apps whose features don’t fit nicely into the sandbox confines.”