Apple to Require Sandboxing in Mac App Store Apps in March 2012

November 4th, 2011

The iOSification of OSX is now fully underway. How long will it be before every executable on the platform requires Apple’s blessing?

Post About Apple OS X Lion

Steve Jobs, the pioneer of the computer as a jail made cool, designed to sever fools from their freedom, has died.

As Chicago Mayor Harold Washington said of the corrupt former Mayor Daley, “I’m not glad he’s dead, but I’m glad he’s gone.” Nobody deserves to have to die – not Jobs, not Mr. Bill, not even people guilty of bigger evils than theirs. But we all deserve the end of Jobs’ malign influence on people’s computing.

Unfortunately, that influence continues despite his absence. We can only hope his successors, as they attempt to carry on his legacy, will be less effective.

‘Steve Jobs, The Pioneer Of The Computer As A Jail’

What do Cryptogon readers think of apps on their computers and in general? DO NOT WANT.

Via: Naming Things:

Apple announced today that, starting in March 2012, all apps on the Mac App Store will be required to run in the so-called “App Sandbox”.

The sandbox is an environment that locks down the Mac in ways that match (and exceed) the limitations found on iOS. A sandboxed app doesn’t have direct access to any files or frameworks on the system. It can’t access the network or any devices.

For the app, nothing else exists on the system except for those files and APIs that the operating system explicitly makes accessible to it:

By default, the sandboxed app doesn’t really have anything of its own. Even files in its own Application Support subfolder may be deleted by the operating system if it wants to e.g. reclaim some disk space. The sandbox analogy is quite fitting indeed — inside it, an app’s data has all the permanence of a sand castle.

Do you feel entitled, punk?

Since the Mac isn’t a phone, most apps need to do something more persistent than e.g. rendering a nice image of a collapsing sand castle. To enable these apps to perform their job, Apple has created a list of permitted capabilities called “entitlements”.

Here is the complete list of available entitlements:

That’s it. (There are also a couple of temporary exception entitlements that will be going away. If your app uses Apple Events or Mach ports, Apple may grant you a temporary license to keep doing so, if you can make your case convincingly.)

Need to access hardware using something other than USB, for example Thunderbolt, FireWire or Bluetooth? Tough luck. (Just because these interfaces are on your Mac doesn’t mean Apple wants anyone to use them via 3rd party software.)

Need to communicate with processes that your app didn’t directly start, or perhaps take screenshots? Not going to happen.

Maybe you’d like to read and write files in a known location on a network disk? Not possible, unless you pop up the Open/Save dialog for every file.

One Response to “Apple to Require Sandboxing in Mac App Store Apps in March 2012”

  1. pessimistic optimist says:

    on the upside maybe there will be less radiation pumped out by smartphones as their apps constantly keep up-to-date w/ the info cloud. although i suppose that could be part of the “allowances” mentioned in the article, and prolly more marketing research related data collection and siri learning algorithms more than make up for the microwave levels. eventually everything on an apple product will feed into the offspring of the seas system, and all non-compliant software will be eliminated w/ extreme prejudice.

    not to mention cooking your pocket proximity meat like a hotpocket, not that you’ll notice w/ the fukushima smoke you’re breathing and the full body scanners and needless medical testing your doctors require for health insurance continuation. (almost forgot the corexit, hydrofracking fluids too!) if you say anything they’ll call you crazy like all those “directed energy weapon nutjobs” they had prepped decades ago.
