Is The App Store’s “Sandboxing” Security Rule The Beginning Of The End For Mac Software Freedom?
Apple has confirmed
to developers that it will require the implementation of “sandboxing” by all
software sold through its Mac App Store from 1 June. The deadline had been
extended from November 2011 to March, and then again to June, but Apple now
appears to be holding firm, although the rule only applies to newly submitted
apps.
Sandboxing is a security measure that
restricts an app’s access to other parts of the system. Developers set
“entitlements” for sandboxed apps which dictate whether the program can access
features such as the file system, network and printing. While each developer is
responsible for specifying its own apps’ entitlements, Apple has supplied
preset entitlements to choose from, and has mandated that apps only be entitled
to access those elements essential for the program to perform its core
functions. Some possible functions aren’t covered by the entitlements scheme,
and so can’t be implemented in sandboxed apps.
App Store-style controls could be enforced for more OS X software with Mountain
Lion’s Gatekeeper
The requirement for sandboxing will apply
to all new apps submitted from now on, although updates to existing
un-sandboxed apps are still allowed. While most apps won’t be adversely
affected because they don’t need to do anything that sandboxing prohibits, the
effect on programs that need to access the whole file system, such as FTP
tools, could be dramatic.
James Thomson, developer of the DragThing
utility, told MacUser sandboxing was one of the reasons his app isn’t sold
through the App Store. “My understanding is that a significant number of
features in DragThing wouldn’t be possible under sandboxing, even with the
temporary exceptions. For example, it’s not clear that I could let the user
open a document with an application other than the default one, which is a core
functionality of DragThing.”
“Another example would be browsing your
files when you right-click a folder,” he said. While Thomson thinks sandboxing
is a good idea “in principle,” he’s concerned about the impact on long-standing
Mac utilities. “Many developers of system utilities I know are similarly
worried. In its current form, sandboxing could stifle a lot of creativity
alongside making users safer.”
Unlike iOS, the Mac’s OS X is not a closed
platform and developers are free to sell apps by any route they choose. Major
packages such as Adobe Creative Suite, as well as thousands of independent programs,
aren’t available on the Mac App Store. Sandboxing is only mandatory for those
that are.
However, Mountain Lion, the update to OS X
due this summer, will bring a new feature called Gatekeeper that affects all
programs. By default, it will only allow a Mac running Mountain Lion to
download software from the “Mac App Store and identified developers” - that is,
developers who’ve signed their code using a digital ID provided by Apple. This
gives Apple broader scope to set rules about what developers can implement -
though it seems unlikely whole areas of functionality would be ruled out.
In the current Mountain Lion preview, there
are two other options for Gatekeeper: to only allow software downloads from the
Mac App Store, and to allow downloads from anywhere. Apple says Gatekeeper is
intended to prevent users “unknowingly downloading and installing malicious
software.”
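The three Gatekeeper settings map onto the provenance that macOS reports when it assesses a downloaded app. The script below is an added example, not from the article or from Apple: it wraps the real `codesign` and `spctl` tools, reduces spctl's verbose assessment output to a verdict and a source, and states which of the three settings would have let the app run. The sample output lines are constructed from the format `spctl --assess -v` uses; on a non-Mac the live check simply reports that the tool is missing.

```shell
#!/bin/sh
# Added example: check an app the way Gatekeeper would, and explain the result.
# Assumes macOS with `codesign` and `spctl` for the live check; the parsing
# functions work on captured text anywhere.

# Reduce spctl's verbose output to "verdict:source". Input looks like
#   /Applications/Foo.app: accepted
#   source=Developer ID
# (constructed sample of the real format; "rejected" lines work the same way).
classify_assessment() {
    verdict=$(printf '%s\n' "$1" | sed -n '1s/^.*: *//p')
    source=$(printf '%s\n' "$1" | sed -n 's/^source=//p' | head -n 1)
    if [ -z "$verdict" ]; then verdict="unknown"; fi
    if [ -z "$source" ]; then source="none"; fi
    printf '%s:%s\n' "$verdict" "$source"
}

# Which Gatekeeper setting is the least permissive one that admits this source?
minimum_policy_for() {
    case "$1" in
        "Mac App Store") echo "Mac App Store only" ;;
        "Developer ID")  echo "Mac App Store and identified developers" ;;
        *)               echo "Anywhere" ;;
    esac
}

# Live check of a bundle: signature integrity first, then Gatekeeper's verdict.
assess_app() {
    app="$1"
    if ! command -v spctl >/dev/null 2>&1; then
        echo "spctl not available on this system" >&2
        return 2
    fi
    # --strict rejects bundles whose seal no longer matches their contents.
    codesign --verify --deep --strict "$app" 2>&1 || return 1
    out=$(spctl --assess --type execute -v "$app" 2>&1)
    result=$(classify_assessment "$out")
    src=${result#*:}
    echo "$result (needs setting: $(minimum_policy_for "$src"))"
}
```

Run `assess_app /Applications/SomeApp.app` on a Mountain Lion or later system; a result of `accepted:Developer ID` is exactly what the default “Mac App Store and identified developers” setting admits, while anything that comes back `rejected` would only run under the “Anywhere” setting. `spctl --status` reports whether assessment is enabled at all.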