Mac App Store apps begin to comply with sandboxing rule ahead of deadline

Posted:
in macOS edited January 2014
Applications complying with Apple's sandboxing rules for OS X have begun to appear on the Mac App Store, with Pixelmator being among the first major offerings to meet the forthcoming requirement.

Pixelmator version 2.0.4 was released on the Mac App Store (iTunes link) on Thursday, and as noted by Jim Dalrymple of The Loop, the release notes from the development team reveal that the update enables sandboxing support for OS X Lion. Pixelmator is an easy-to-use image editor that sells for $29.99.

The June 1 deadline for Mac App Store applications to meet Apple's sandboxing requirement is fast approaching. The deadline was extended to June 1 in February to allow developers more time to comply with the new rule.

Originally, developers were required to have their applications ready for sandboxing when the Mac App Store first launched in early 2011. But Apple opted to give developers a reprieve until last November, and again pushed the deadline back twice: once to March 1, and another time to the current June 1 deadline.

Sandboxing represents Apple's push to make the Mac platform more secure by restricting what applications are allowed to do within the operating system. This will help to prevent problems like malware taking over third-party applications.

Sandbox


Some developers have been resistant to the changes that Apple is pushing, and have even discovered security flaws within the system before its official public launch.

While the Pixelmator update will make it compatible with Sandboxing in Lion, the new security feature will play an even greater role later this year, when Apple launches its next-generation operating system, OS X 10.8 Mountain Lion. One of Mountain Lion's biggest features is Gatekeeper, which will give users the option to restrict a Mac to install only Apple-authorized applications from the Mac App Store.

Gatekeeper will also allow users to restrict the installation of third-party software from outside the Mac App Store to only applications created by identified developers. Apple will provide its authorized developers with a secret key, and that key can be revoked if developers are found to violate Apple's terms.

Though sandboxing will be required of all Mac App Store software, the Gatekeeper functionality in Mountain Lion will be optional. If they so choose, users will be able to allow applications on their system that are downloaded from anywhere, regardless of whether they are authorized by Apple.
«1

Comments

  • Reply 1 of 22
    monstrositymonstrosity Posts: 2,206member


    I'm not entirely sure this is correct. One of my apps complied with Sandboxing rules before thursday. Perhaps this is the first 'major' app to comply.

  • Reply 2 of 22
    mstonemstone Posts: 11,510member

    Quote:

    Originally Posted by monstrosity View Post


    I'm not entirely sure this is correct. One of my apps complied with Sandboxing rules before thursday. Perhaps this is the first 'major' app to comply.



    the headline states


     


    Pixelmator being among the first major offerings to meet the forthcoming requirement.


     


    Many network intensive apps are going to be a lot more complicated to sandbox than an image editing app.

  • Reply 3 of 22


    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 

  • Reply 4 of 22
    ssquirrelssquirrel Posts: 1,196member


    Not being a dumbass with how you access the net and things you click on is still the best defense :)

     

  • Reply 5 of 22
    asciiascii Posts: 5,941member

    Quote:

    Originally Posted by internetworld7 View Post


    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 



    Well given the security scares lately and given that Apple has twice extended the deadline, I think now is the time to finally comply.

  • Reply 6 of 22
    topdragtopdrag Posts: 26member


    I agree. Its about time that Apple has stayed with the current deadline. I don't think this move will reduce features I think developers are smart enough to keep the features they have as well as add new ones even with the restrictions in place. After all this is to help the consumer. Sure some of us are smart enough to not click certain links and stuff like that but you also have to remember, Apple is trying to create it to even people that do not understand technology can be protected and use their products without a worry. OS X 10.8 will help this even more with Gatekeeper.

  • Reply 7 of 22
    solipsismxsolipsismx Posts: 19,566member
    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 
    I'm not sure how Mozilla launching an app store makes a difference. It's not like apps can't be installed and opened if you don't get them from someone's a app store.
  • Reply 8 of 22
    cash907cash907 Posts: 893member


    Well that's nice, seeing how Toast can't even see my superdrive under Mountain Lion.

  • Reply 9 of 22
    asciiascii Posts: 5,941member

    Quote:

    Originally Posted by Cash907 View Post


    my superdrive



    retrooooo

  • Reply 10 of 22
    ifij775ifij775 Posts: 470member
    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 

    It's even worse news for virus/spyware writers. As someone who cleaned a virus off my parents computer, this is a godsend
  • Reply 11 of 22
    ifij775ifij775 Posts: 470member
    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 

    This is even worse news for virus/spyware writers. As someone who has cleaned a virus off my parents Mac, this is a godsend
  • Reply 12 of 22
    enjournienjourni Posts: 254member


    Just another reason to not download apps from the App Store.


     


    App Store is for mom-and-pop angry birds apps, not real applications.


     


    Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing.


     


    Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.

  • Reply 13 of 22
    tallest skiltallest skil Posts: 43,399member

    Quote:

    Originally Posted by ifij775 View Post

    As someone who has cleaned a virus off my parents Mac, this is a godsend


     


    That didn't happen. It was something else.


     


    Quote:

    Originally Posted by enjourni View Post

    Just another reason to not download apps from the App Store. App Store is for mom-and-pop angry birds apps, not real applications. Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing. Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.


     


    Stop the FUD, I want to get off!

  • Reply 14 of 22
    hirohiro Posts: 2,663member

    Quote:

    Originally Posted by internetworld7 View Post


    This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features. 



    Why?   Sandboxing doesn't say an app can't do something.  Sandboxing says an app can't do something it's not supposed to do, where the dev is the one who gets to say what it is supposed to do.  Generally an app isn't the one doing the bad things, but other malicious code masquerading in the address space.  Now there is one less way for malicious code to run unhindered.  All for the price of devs specifying profiles that make sense.  


     


    Maybe a bit oversimplified, but sandboxing isn't some draconian NO! YOUR APP WILL NEVER DO SOME USEFUL THING! like many folks are trying to make it out to be.

  • Reply 15 of 22
    hirohiro Posts: 2,663member

    Quote:

    Originally Posted by Cash907 View Post


    Well that's nice, seeing how Toast can't even see my superdrive under Mountain Lion.



    That's not sandboxing being the problem, that's good old fashioned Toast bugs.  3rd party apps that don't use the sandbox profiles are unaffected by sandboxing.  Sandboxing is only an issue for apps that want to be sold on the App Store.

  • Reply 16 of 22
    hirohiro Posts: 2,663member

    Quote:

    Originally Posted by enjourni View Post


    Just another reason to not download apps from the App Store.


     


    App Store is for mom-and-pop angry birds apps, not real applications.


     


    Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing.


     


    Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.



    Purely made up, uninformed FUD, nothing else to say about that.

  • Reply 17 of 22
    docno42docno42 Posts: 3,313member

    Quote:

    Originally Posted by ascii View Post


    retrooooo



     


    I was thinking "how quaint" myself :)

  • Reply 18 of 22
    docno42docno42 Posts: 3,313member

    Quote:

    Originally Posted by enjourni View Post


    Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.



     


    I'll take that bet.  How much you willing to loose?

  • Reply 19 of 22
    tallest skiltallest skil Posts: 43,399member

    Quote:

    Originally Posted by DocNo42 View Post

    I'll take that bet.  How much you willing to loose?


     


    Bet him a fully speced-out Mac Pro Server. Doesn't matter if you don't need one. image


     


    … Okay, so you can pronounce "speced-out", but how in the world do you spell it?

  • Reply 20 of 22
    charlitunacharlituna Posts: 7,215member

    Quote:

    Originally Posted by Hiro View Post


    Why?   Sandboxing doesn't say an app can't do something.  Sandboxing says an app can't do something it's not supposed to do, where the dev is the one who gets to say what it is supposed to do. 



     


    Exactly. If you can show that yes your app needs to have access so X Y or Z to do its advertised task you are fine. But if it doesn't then it is on you to seal up the holes so that your app can't be hijacked by someone 


     


    And remember that this is only apps sold via the App Store and perhaps those signed apps. If you choose to stay out in the 'net without that signature and take the risk that the dumb granny types won't install your software (which likely does something they won't never need or understand anyway) thats on you. 

Sign In or Register to comment.