- #SANDBOX FOR MAC FOR MAC#
- #SANDBOX FOR MAC INSTALL#
- #SANDBOX FOR MAC CODE#
- #SANDBOX FOR MAC DOWNLOAD#
- #SANDBOX FOR MAC MAC#
Windows UAC which trains users to roll their eyes and click through.īut Apple doesn't enjoy the luxury of solving this problem in a nuanced way, because Mac apps are not acting from a position of strength. The Mac sandbox overcorrects to requiring capability resources for all file accesses, while on the other extreme we have e.g. (There is a dialog when opening a downloaded app for the first time, but it's grey and boring and not helpful at all.) Because right now, there is no way to tell which apps even use sandboxing without opening Activity Monitor, and there is no incentive for non-App-Store-apps to use sandboxing. app, but upon first opening it, a dialog would inform you about its code-signing author and the permissions that the app has (with striking red/green color coding).
#SANDBOX FOR MAC DOWNLOAD#
I think I would prefer a security model were you could just download and start any. And bad actors are only blacklisted after they've been caught. It seems to make life harder for the long tail of one-off apps and open source ports.
#SANDBOX FOR MAC CODE#
On the other hand, I am not sure that code signing has been an all-around success. That was definitely my worst experience using native apps. I dreaded running the unsandboxed Office:mac 2011 with its constant stream of "critical" security updates. I'm a big fan of desktop sandboxing, so thanks for the hard work. If we could tell our Macs "yes, dude, I hereby authorize DaisyDisk to see all the files" and "Computer, hey bud do me a favor, overrule this restriction that says CotEditor can't ask me to authorize modifying root-owned files", then I would actually not only be happy with, but even prefer, the App Store versions. Regardless, though, if there were mechanisms for the user to control the sandboxing enforcement to a greater degree, I would be all for it. Or, I don't know, perhaps they just don't have enough engineers left for the Mac after moving so many of them to their higher-volume Candy Crush console business. And through the sandboxing requirements, they force their third-party developers to either tell their power users to fuck off, or to give up on the App Store. I feel like the problem is more political/cultural: Apple prioritizes their low-information, low-computer-literacy users (hi, Dad!) so dearly, that they aren't willing to expend resources to find any compromise for their technically proficient ones.
#SANDBOX FOR MAC INSTALL#
I do want to have to explicitly authorize some random app before it can install a printer system extension, or before it can scan my entire disk. If I'm using the App Store stuff, then my text editor can't edit all my files, my video player can't open videos when I double-click them, my Evernote can't print to PDF, my disk usage analyzer can't analyze my disk because it can't ask me for authorization to do so, and so on.Īt the same time, though, in theory I do want sandboxing, at least by default. As a user, I often go to pains to avoid getting the App Store version of an app, if an alternative exists, because those apps are crippled to such a degree that they aren't worth using. But force Mac devs to castrate their apps even more, and there won't be anything left to protect. IMO Apple should drop the Mac app sandbox altogether (though continue to sandbox system services, which is totally sensible, and maybe retain something geared towards browsers.) The code signing requirements and dev cert revocation, which has been successfully used to remotely disable malware, will be sufficient security: the Mac community is good at sussing out bad actors. The price is far too high and the benefits too little. In return it offers security inferior to a web app, as this post illustrates.
#SANDBOX FOR MAC FOR MAC#
For Mac apps to survive, they must capitalize on their strengths: superior performance, better system integration, better dev experience, more features, and higher general quality.īut the app sandbox strikes at all of those. Cocoa-based Mac apps are rapidly being eaten by web apps and Electron psuedo-desktop apps. IMO the app sandbox was a grievous strategic mistake for the Mac. Sometimes this cost is prohibitive (see Coda 2.5). We did our best but the fact is that sandboxed apps run more slowly, have fewer features, are more isolated, and take longer to develop. Think open and save panels, copy and paste, drag and drop, Services menu, Open Recents, etc. Much of our effort that release (and in following releases) was dedicated to making Mac features work within sandboxed apps. I was an AppKit engineer when the Mac app sandbox was introduced in 10.7.
0 kommentar(er)
