Apple extends Mac App Store sandboxing restriction deadline to June 1
Developers now have until June 1 to make their applications compliant with the new Mac App Store sandboxing restrictions, Apple announced on Tuesday.
The original deadline was March 1, but developers now have an additional three months to bring their software in line with the new rules. The sandboxing entitlements are already found in OS X 10.7.3 Lion and new APIs in Xcode 4.3.
Sandboxing of applications is Apple's initiative to make the Mac platform even more secure by restricting what applications can do within the operating system. This helps to prevent problems like malware taking over third-party applications and utilizing them to do something malicious.
The sandboxing strategy has been met with opposition from some developers who feel restricted by the changes and have even discovered flaws with the system. Last November, a security firm discovered vulnerabilities with the application sandboxing feature.
Apple initially intended to have all applications on the Mac App Store sandboxed when the service first launched in early 2011. But the company opted to give developers a reprieve until last November, and then again pushed the deadline back to March 1. The latest deadline of June 1 marks the third delay for Apple.
Sandboxing will play an even more important role later this year with the launch of OS X 10.8 Mountain Lion and the new Gatekeeper feature. With Gatekeeper, users will have the option of restricting a Mac to only install Apple-authorized software from the Mac App Store, effectively requiring that all software on a Mac comply with Apple's sandboxing rules.
Beyond the Mac App Store restriction, users will also be able to expand third-party software to allow applications from identified developers, if they so choose. Developers will be tracked by Apple with a secret key, and that key will be revoked for developers who are found to violate Apple's terms.
Finally, Mountain Lion users will also be able to allow applications on their system that are downloaded from anywhere, regardless of whether they are considered "identified developers" by Apple.
[ View article on AppleInsider ]
Comments
This is basically the beginning of Apple locking down the rest of their systems. Microsoft is doing the same thing with Metro and Windows 8. It will increase security and reduce piracy. Basically a WIN as far as I'm concerned.
Are you suggesting that they will soon not allow you to install apps outside of the Mac App Store? I think the new option to sign apps that aren't in the App Store is a sign that they are not going to do that.
I do agree this is a good thing. We're all up in arms that an app can read our iPhone's address book and copy its contents to a server without any safeguards but what about apps on the Mac? I have a lot more personal info on my Mac than I do on my iPhone and have no idea what information was data mined.
This is basically the beginning of Apple locking down the rest of their systems. Microsoft is doing the same thing with Metro and Windows 8. It will increase security and reduce piracy. Basically a WIN as far as I'm concerned.
I don't think Apple having the ability to grant permission for all applications is a good thing. It's going to be a nightmare for developers, an annoyance for users. It's 2012. How often do you really worry about security and what programs are legit? It wont help fight piracy unless they locked down everything, which they are not going to do. It's not so much about 'increasing security and reducing piracy' as it is them trying to push their App Store distribution channel. It's one thing to do this on phones, but I don't think it's their place at all to start overseeing and allowing every program written for OSX.
Yea, I don't see how sandboxing is going to stop piracy....
If the default is to only allow apps from the App Store and the App Store only allows sandboxed apps then a user would have to specifically allow apps from unsigned sources to get a pirated app, but of course, anyone looking to score free pirated apps would likely allow this. So yes, sandboxing does not prevent piracy on OS X ML any more than it currently does on iOS once the user decides to jailbreak it. Sandboxing itself is only a damage containment mechanism if the app gets exploited.
... I' sure there will always be means to get that software and that functionality. ....
Unfortunately, many developers will not support two methods of distribution for an app, even if they already have a store. Take Devon Technologies, for example. Their latest app is only available on the app store:
http://www.devontechnologies.com/download/products.html
I'm all for Apple making these changes:
1.
Mac App Store for most if not all apps (advanced users can still manually install)
2.
LaunchPad improvements
3.
Dock changed to iOS multitasking bar ~ at the moment, it's confusing to have icons in the Dock, some running, some not, dragging in and out for adding and removing icons, plus it's redundant compared to LaunchPad.
Again, new users (50% of those buying Macs) simply do not know how to install "programs", have no idea what the Dock does, how to use it, and simply don't understand the Finder. Should we be catering to a dumbing down of OS X? At the end of the day, I feel, we have to. OS X is brilliant but given advanced users will use it the way they like, the primary goal of OS X is to help solidify the Mac as a clear and undisputed alternative to Windows.
Unfortunately, many developers will not support two methods of distribution for an app, even if they already have a store. Take Devon Technologies, for example. Their latest app is only available on the app store:
http://www.devontechnologies.com/download/products.html
Fair enough, but given the choice of software, and the ease of use of the Mac App Store, I'm not too sure what the damage will be if a lot of companies go exclusive with the Mac App Store.
What are the downsides? I can think of one ~ SME and corporate installs may have reduced flexibility, but that was the argument with the Lion installer, which you can simply put onto an external drive.
What are the downsides?... the Lion installer, which you can simply put onto an external drive.
The lion installer doesn't have the DRM of other apps on the mac app store.
The downsides to the mac app store are too numerous to list, but here are two more that I don't think have been mentioned:
1. You can't sell an app.
2. 3-5 year lifetime, after which Apple will stop supporting the DRM on your obsolete machine. Yes, I know this isn't explicitly stated, but neither has Apple committed to a period of support, so we fall back to history as a guide. Remember me.com? Core duo laptops? Core 2 duo macbooks after mountain lion?
The downsides to the mac app store are too numerous to list, but here are two more that I don't think have been mentioned:
1. You can't sell an app.
I'm sorry, I think you're mistaken about the purpose of the Mac App Store.
2. 3-5 year lifetime, after which Apple will stop supporting the DRM on your obsolete machine.
Uh? you're joking, right?