Apple: Mac App Store apps must implement sandboxing by March

Apple has announced on their developer site that, “as of March 1, 2012 all apps submitted to the Mac App Store must implement sandboxing.”

“Essentially, sandboxing allows Apple to decide which apps get access to which resources, and such access can be severely constrained, including no Internet, no networking, no write access, and even no anything,” Roger Kay reports for Forbes. “Although widely anticipated, this move has developer sites up in arms. To them, it means that Mac OS X is going to be locked down just like iOS.”

“Given how convenient the Apple Store is, though, consumers are hardly likely to object. In fact, Apple is passing this naked power grab off as a matter of convenience and security for consumers, who, soon after the new regime is in place, will simply forget that there ever was any other way to install programs,” Kay writes. “But the Wild West days of software development are fast coming to an end. Since Microsoft is following the same path with Windows 8, we are witnessing quite literally the end of software distribution freedom.”

Kay writes, “While Apple’s locking down of Mac OS X heralds a dark day for programmers, it is worth acknowledging that this move does have some short-term benefits for consumers. The iOS model is easier for the average bear to deal with, and sandboxing does improve security.”

Read more in the full article here.

MacDailyNews Take: Logic disconnect: How does Mac App Store’s sandboxing requirement make consumers “simply forget that there ever was any other way to install programs?”


      1. “Sometimes”? Forbes has comfortably settled in to bottom-feeding hit whores, banking on multi-page articles for the ad revenue. That’s another old school publishing titan looking for a place to wallow along for easy hit $ until it closes it’s doors.

    1. Totally agree. I have several programs that I had to buy directly from the developers because the App Store version is crippled by disallowing some of the very features you buy the damn app for in the first place. Utilities seem to be the most likely to be crippled for now.

      In the future, no internet access among other mentioned restrictions? Give me a break. This reminds me of the self-imposed prohibition of M$ products, such as Office, that posters say the’d never allow on their Macs. I think I’m about at the point of saying the same thing about any App Store app.

    2. The new policy will finally address a security flaw that I have been pointing out for a while, namely that from now on, the user will be able to obtain detailed info (if so desired, thru a little round “Details” button at the bottom right) from the Installer, about what exact privileges the app will receive, i.e., which privileges that the user will allow when finally pressing the OK to install button.

      This is about a “contract” that the app requires (and therefore advertises) to be able to be installed, not about the user becoming “locked down”. It is a matter of providing the user with full information of what he may be in for when agreeing to the install.

      1. I’d be OK with this if that is how it worked.

        Android is currently set up in this way. You are given a list of services and OS resources the application needs in order to function.

        From what I’m reading though, this is a bit different. Apple can deny your app on any ‘entitlement’. They decide they do not like you using the filesystem in OS X and they can deny that entitlement to your app.

        It is very much about control in this case.

    3. Am I missing something, or is Kay totally full of shit?

      This only effects apps submitted to the App Store.

      Which means, no, OS X is NOT going to be locked down like iOS, no, we are NOT witnessing quite literally the end of software distribution freedom, and no, this is NOT a dark day for Mac programmers.

      After March 2012, people can still download and install Mac software from anywhere on the internet just like it was before the App Store even existed. Correct me if I’m wrong?

  1. Personally, I much prefer getting my software from a direct developer/vendor site. I dislike that downloading from the App Store forces Launchpad to open, and will only install to the Applications folder. I use a number of the apps which may be affected (e.g. Transmit), and I’m quite used to updating without Apple’s intervention. Most apps these days alert or update automatically, anyway, yes?

    1. At first I was against the idea of an app store, but now, I buy from the app store whenever there’s the option to do so. Having Launchpad open is no big deal, just click *one time* and it goes away. Applications should go in your applications folder, but if you want to be messy, you can move them elsewhere…it’s no different from any other app…they can even be on other volumes. The only restriction is based on the app itself, which may want to be in the Applications folder.

      What I like about the App store is that it’s one source billing and I don’t have to deal with serial numbers or other weird DRM. If I sit down at a new computer, I can easily re-install all my apps with just a few clicks and again, no serial numbers, or conflicts about installing on another Mac.

      The best part though is that I can buy apps using gift card credits (I receive a ton of gift cards).

      1. requiring applications to always go in the applications folder causes problems. applications and data (input/output) cannot always be decoupled and this assumption is embedded in the idea of putting apps only in the applications folder.

        1. Requiring all applications to be installed in the Application folder is about as inconvenient as having all downloads in the Download folder. People for whom the computer is an appliance don’t care, and it makes their computers easier to support, since everything is in a predictable place. Computer literate people and geeks know that they can move it anywhere they like, but at least they know where to find it in the first place.

          But of course you knew that already.

  2. This is the third strike since the launch of Lion/iOS5/P4S that has met with trouble. Siri’s not working, 4S battery life necessitates turning off most of the new features in order to last the day, and paranoid app control. All this spells trouble in force and soon you will see stories everywhere that Apple is sliding into the pack instead of leading it.

    1. Siri is beta, the battery problem is a bug that Apple has fixed and is currently testing the fix before releasing it, and mandatory sandboxing will prevent the most of the malware and stolen PII common on Windows and Android.

      1. I’m not tech challenged. I don’t give a damn about technology. I’m a faithful, loyal Apple customer who wants their products to work the way they promised.

      2. I’m not tech challenged. I don’t give a damn about technology. I’m a faithful, committed Apple customer who wants their products to perform the way they promise and therefore delivering the full value of what I paid for.

      1. I don’t want to scrap anything Apple. I want their stuff to work the way they promised. That’s all. I bet you and every other Apple customer wants the same thing.

    1. I have not seen the full list of “entitlements” that apple has grant before your app can use certain OS features but I would expect applescript is on the list since interprocess app communication and file system access is.

  3. Runaway Imagination Alert:

    What if the step after this is some sort of OS flag that will not allow the installation of ANY software not directly approved by Apple and sold through the App Store?

    1. Exactly. That is my fear.

      Im all for making things easy for end users but i do not like the idea of the computer becoming a locked down “appliance”.

      The computer should remain a power tool imho.

    1. You make a good point. But, again, this reminds me of something. The 1984 Apple commercial, and the “destroying” of Big Brother (IBM). Let’s give ourselves totally to Apple because Apple always knows what’s best for us, right?

  4. I don’t see this as a problem.

    Apple will be able to offer a wide range of Applications that all work reliably. It’s much harder to do that if they are not sandboxed.

    There’s nothing to stop developers distributing via traditional means, but if they want the convenience of distribution via the app store, they have to play by Apple’s rules and in return, Apple is able to ensure that those applications behave themselves.

    I can see why developers don’t like this, but there are millions more customers than developers and most customers will not see this as any sort of problem.

    1. Well not today, but what about tomorrow? What happens when they decide the only way you can install software is via the app store?

      It also puts a dev at a great disadvantage against competitors when you AREN’T in the app store.

    2. I work with a software company that specializes in intelligent document management and search agent applications.

      The less powerful versions of those applications are available in the App store. But the best-selling versions would not meet Apple’s restrictions, because they provide the user the ability to extend features, for example through AppleScript and or through Indexing ” outside” data, especially for interoperability with data managed by other applications. For example, the user may find added value in the data managed by a citation manager database, when that data is shared with our document manager application, and even with comparisons to Web-based information. It appears that Apple does not plan to allow such interoperability on the App Store.

      I expect that developers of professional-level software who maintain a reputation of providing value to their customers can survive if only their “dumbed down” apps are available on the App Store, but their apps with useful interoperability features can be installed from the developer’s site by customers who want those apps.

      But if Apple were to lock down OS X such that only App Store apps could be installed, or cripple AppleScript and other approaches to data sharing the Mac environment for many users would become much poorer.

      I concur with Apple’s intentions to protect customers from security threats, invasion of their privacy and poorly written software that makes computers unstable. As one who does software support, I was horrified by the number of utilities that modified OS X in ways that made Macs untrustworthy, especially during the Tiger period.

      But let’s not throw out the baby with the bath water! A too-Draconian approach to sandboxing is not the way to allow Apple’s customers to make maximum use of their hardware and software.

    1. Not as obviously inefficient code, as cross-platform code. Many of these programs make low-level calls because they are either doing something that sandboxing makes unnecessary (checking for security) or because they are still grounded in some non-OS X operating system (i.e. Windows or DOS).

  5. This is great for maybe 70% of Apps that fit the cookie cutter mould: they open one file, they do something to it, then they save it again. But more powerful apps that batch process stuff, or that generally take advantage of the full gamut of os-x Apis, simply cannot be meaningfully sandboxed. I mean, already many app store versions of apps are crippled compared to their non-app store versions. In the future they’ll be even more crippled or disappear altogether.

  6. Wow–idiots are confusing sandboxing with Apple barring users from installing apps from sources other than the App Store? Really???
    This is a perfectly logical and reasonable step by Apple. Naive users will be able to rest assured that apps downloaded from the App Store have the tightest safety and security features. Pro/power users can still download whatever they want from wherever they want–and NO ONE at Apple has suggested otherwise. SOOO, what’s the problem?

    1. What’s the problem? The problem is that developers face the inconvenience of writing good code. I’m not going to waste my time wringing my hands over that one.

    2. I think you should carefully re-read my comments and others (assuming you even read them at all-you don’t appear to have done so), on the particular point you reference in your first paragraph. We are NOT confused over what this round of sandboxing is, nor have any of us suggested that in March 2012 we won’t still be able to download from third party developers, as far as we know.

      What we are commenting about is the POSSIBILITY that Apple could, in the FUTURE, develop a new round of sand boxing that totally locks out the ability to load on an Apple computer ANY software unless it was down loaded from the App Store. This has nothing to do with this round of App Store changes.

      Total, absolutely barring of the use of any software not downloaded from the App Store; with any features disabled at Apple’s discretion; remains, as I said earlier, only a possibility, but it is definitely could happen.

  7. I can easily see how there is possibly a logical expectation that this move is getting one step closer to completely closing the outside-of-appstore door for installing apps. Sti’ll I’d rather cross that bridge once I come to it. At this point, I can’t even see the bridge; I’m not sure if it’s even there.

    Apple’s SDK provides tons of APIs for all kinds of functionality. There is absolutely no logical sense to expect Apple to prohibit use of any of those APIs that they themselves provide in the development tool.

    My understanding is that Apple is more likely going to be policing this, the same way they are policing the iOS apps. They’ll check your Mac OS app and what services it uses. If the usage makes sense for the functionality of the app, there should be no reason not to approve. However, it there seems to be needless, or careless (or reckless) usage of various types of functions, services or APIs, the app might be sent back for clean-up.

    I don’t know the details of this restriction, but I have a feeling that literally ALL legitimate apps will have no problem with this. It may force some extra work on the part of developers to clean this up, especially those who use third-party development tools. In the end, this shouldn’t be a reason to worry.

    I dream about a day when all apps will come from the app store. I never needed an anti-virus, and I’m becoming a bit concerned about the recent appearances of various Mac trojans. I don’t want to have to think and be careful about what I install. I never needed to be before, and I don’t want start. I want my Mac to be an appliance that just works; not a tinker toy for hobbyists. So far, it has been much better in that regard compared to Windows. Moving app distribution to a centralised store is a big step in that direction.

  8. Is everyone least freaking out as if all apps in the app store are going to be unable to connect to services? Because that would be fucking stupid. Honestly, people, if Microsoft had done this 20 years ago they’d have been heroes and the Mac never would have been the attractive virus free alternative it is today.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.