On May 27, 2012, at 21:55 , Graham Cox wrote: > users getting used to a nice feature that makes their apps easier to use
Of course, but that's one of sharp, hard-to-swallow corners. Insecure is insecure. > I guess what pains me is that Apple have not as yet provided a sanctioned way > to implement this feature. AFAIK, you can still submit an un-sandboxed app and *request* an exemption until Apple provides an appropriate entitlement. Perhaps you might get it. Perhaps the need to access the iPhoto library might fall into this category. Perhaps Apple might ask if you submitted a bug report asking for a new kind of entitlement for your situation, sometime in the year or so since the sandboxing requirement was first announced. :) (I don't think the sandbox-aware bookmark thing was available till long after the original must-enable-sandboxing deadline of Nov 2011. I'm guessing it was only conceived after a bunch of complaints.) > I could understand it to a degree if there was a major issue right now with > malware using this sort of thing to do its dirty work that needed to be shut > down urgently, but AFAICS, it's a non-issue in practice. You mean like uploading the user's entire iOS contacts DB to a developer's own server? Or storing the user's cell tower connection history in a file? Those made apps easier to use. Made lawyers richer, too. P.S. I'm not picking on your specifically. Call me a glass-quarter-full kind of person, but I think we (developers in general, over the past 50 years, not Mac developers specifically) have proved *repeatedly* that we can't be trusted to put user convenience first without creating truck-sized security holes. FWIW. _______________________________________________ Cocoa-dev mailing list (Cocoa-dev@lists.apple.com) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to arch...@mail-archive.com
