Regarding Sandboxing on Mac OS or iOS, the situations I want to see addressed 
are these:

The app gets regularly updated.  Preferences must exist outside of the app.  
What easy and straightforward method that does not require the developer to 
jump through hoops supports preservation of app preferences when an app may be 
deleted or upgraded WITHOUT using "the cloud", as this is completely in 
violation of many companies' policies.

If you never ever submit apps to the app store, or you have your own managed 
app store and develop apps solely for the enterprise, and never mass market 
apps, then be it on iOS or Mac OS, you are expected to have access outside of 
the sandbox.  It is expected that you will have access to the device and 
different folders to create useful software.

Honestly, Sandboxing seems to be created by people who have written a few 
papers on security.  But the implications of Sandboxing mean that there will be 
less documentation for people to refer to and the restrictions placed on the 
developers mean that files in supported folders will be co-opted to serve as 
cookies or data structures that will outlast an app's deletion, thereby already 
bypassing the restrictions Apple is trying to impose.

Apple has created a royal PITA for developers who don't care about submitting 
apps to the general public, both on iOS and on Mac OS and created a much less 
useful environment in the process.  
 
If Apple limited the restricted folders to the System and Library folders off 
the root, this would be a whole lot less of a PITA.  Just let us write to the 
drive outside of the folders that contain the precious internal important bits.
Stop handcuffing your developers.



On Aug 22, 2012, at 2:54 AM, Kyle Sluder wrote:

> On Aug 21, 2012, at 11:02 PM, Jens Alfke <j...@mooseyard.com> wrote:
> 
>> 
>> But then, I haven't tried sandboxing yet. It sounds almost like some 
>> exquisite form of BDSM: taking away all of your freedom and then making you 
>> beg to get little bits back. Does it come with safe-words?
> 
> Irrespective of everything else, this is indeed the model for sandboxing. 
> Because "you" is not normally synonymous with "the user", and the industry 
> has awoken to the reality that the user can not trust your motives to be 
> pure. Because in the face of a successful attack, "you" might not be the 
> author of the executing code either.
> 
> --Kyle Sluder
> _______________________________________________
> 
> Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)
> 
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
> 
> Help/Unsubscribe/Update your Subscription:
> https://lists.apple.com/mailman/options/cocoa-dev/zav%40mac.com
> 
> This email sent to z...@mac.com
