Sandboxing looks set to cause
headache for Mac developers and disadvantage users
On Friday 1 June, Apple started requiring
that Mac developers implement sandboxing in apps sold via its Mac App Store.
However, many of the developers we spoke to
were frustrated by the lack of information and help offered by Apple and by its
frequent changes to the guidelines for sandboxing. Literature and Latte’s Keith
Blout suggested that Apple should “drop sandboxing from Lion altogether and
only start enforcing it, fully formed, in 10.8”.
Playing
in the sandbox Sandboxing may limit app functionality and frustrate users.
Apple has already moved the deadline for
Sandboxing back; initially the transition was pegged for November 2011, and
then March 2012. In addition, the company’s failure to sandbox its own apps
haven’t exactly endeared it to developers. So far only Text Edit and Preview
have been sandboxed.
“The reason that they can’t sandbox their
own applications is because they experience the same problems as third-party
developers: appropriate entitlements don’t exist, the APIs are buggy and the
sandbox model makes no sense for many applications,” claimed one developer.
Another told us that: “There’s a huge
amount of uncertainty about the whole process, as Apple has provided very
little guidance in terms of what developer can expect. There is no person to
contact to clarify and discuss alternative sandboxing strategies, so we are all
going into this blind.”
“Something has clearly gone very wrong when
Apple imposes changes that require a large proportion of apps on the Mac App
Store to be feature crippled. Nobody knows what the real motivation behind it
is,” noted another developer.
Sandboxing = security
For anyone unfamiliar with the term,
sandboxing is a security mechanism that limits the data and features a specific
app can access. Sandboxed apps can, metaphorically, only operate in their own
sandbox, and only access data that Apple has entitled them to see. By limiting
access, users’ data should be better protected against any malware attempt to
‘hijack’ a sandboxed app - after all, an app can’t open files it doesn’t have
access to.
Sandboxed apps Apple have sandboxed TextEdit and Preview, but seem stumped
on the rest.
However, many of the developers we’ve
spoken to don’t think that the security risk is big enough to warrant the
trade-off in usability that sandboxing brings. Blout explained: “Extra security
is often good, but there’s a trade-off. One of the things I’ve always loved
about Macs is how open they are, and how different apps can interact with one
another. I’m slightly concerned that sandboxing is beginning to encroach on
that.”
BeLight Software’s Ray East thinks Mac
users will suffer frustrations due to sandboxing: “We can definitely say that
user experience is going to suffer. Apps will be swamped with dialogs asking
for permission to carry out what used to be simple actions. That will add more
steps and clicks.
Some developers also expressed concerns that
programs that are not sandboxed will be removed from the Mac App Store. Others
said they are considering removing their apps from the Store, while there were
those who told us they will maintain two versions of their apps, with a full
one available on their website.
