Mac App Store apps begin to comply with sandboxing rule ahead of deadline
Applications complying with Apple's sandboxing rules for OS X have begun to appear on the Mac App Store, with Pixelmator being among the first major offerings to meet the forthcoming requirement.
Pixelmator version 2.0.4 was released on the Mac App Store (iTunes link) on Thursday, and as noted by Jim Dalrymple of The Loop, the release notes from the development team reveal that the update enables sandboxing support for OS X Lion. Pixelmator is an easy-to-use image editor that sells for $29.99.
The June 1 deadline for Mac App Store applications to meet Apple's sandboxing requirement is fast approaching. The deadline was extended to June 1 in February to allow developers more time to comply with the new rule.
Originally, developers were required to have their applications ready for sandboxing when the Mac App Store first launched in early 2011. But Apple opted to give developers a reprieve until last November, and again pushed the deadline back twice: once to March 1, and another time to the current June 1 deadline.
Sandboxing represents Apple's push to make the Mac platform more secure by restricting what applications are allowed to do within the operating system. This will help to prevent problems like malware taking over third-party applications.
Some developers have been resistant to the changes that Apple is pushing, and have even discovered security flaws within the system before its official public launch.
While the Pixelmator update will make it compatible with Sandboxing in Lion, the new security feature will play an even greater role later this year, when Apple launches its next-generation operating system, OS X 10.8 Mountain Lion. One of Mountain Lion's biggest features is Gatekeeper, which will give users the option to restrict a Mac to install only Apple-authorized applications from the Mac App Store.
Gatekeeper will also allow users to restrict the installation of third-party software from outside the Mac App Store to only applications created by identified developers. Apple will provide its authorized developers with a secret key, and that key can be revoked if developers are found to violate Apple's terms.
Though sandboxing will be required of all Mac App Store software, the Gatekeeper functionality in Mountain Lion will be optional. If they so choose, users will be able to allow applications on their system that are downloaded from anywhere, regardless of whether they are authorized by Apple.
Pixelmator version 2.0.4 was released on the Mac App Store (iTunes link) on Thursday, and as noted by Jim Dalrymple of The Loop, the release notes from the development team reveal that the update enables sandboxing support for OS X Lion. Pixelmator is an easy-to-use image editor that sells for $29.99.
The June 1 deadline for Mac App Store applications to meet Apple's sandboxing requirement is fast approaching. The deadline was extended to June 1 in February to allow developers more time to comply with the new rule.
Originally, developers were required to have their applications ready for sandboxing when the Mac App Store first launched in early 2011. But Apple opted to give developers a reprieve until last November, and again pushed the deadline back twice: once to March 1, and another time to the current June 1 deadline.
Sandboxing represents Apple's push to make the Mac platform more secure by restricting what applications are allowed to do within the operating system. This will help to prevent problems like malware taking over third-party applications.
Some developers have been resistant to the changes that Apple is pushing, and have even discovered security flaws within the system before its official public launch.
While the Pixelmator update will make it compatible with Sandboxing in Lion, the new security feature will play an even greater role later this year, when Apple launches its next-generation operating system, OS X 10.8 Mountain Lion. One of Mountain Lion's biggest features is Gatekeeper, which will give users the option to restrict a Mac to install only Apple-authorized applications from the Mac App Store.
Gatekeeper will also allow users to restrict the installation of third-party software from outside the Mac App Store to only applications created by identified developers. Apple will provide its authorized developers with a secret key, and that key can be revoked if developers are found to violate Apple's terms.
Though sandboxing will be required of all Mac App Store software, the Gatekeeper functionality in Mountain Lion will be optional. If they so choose, users will be able to allow applications on their system that are downloaded from anywhere, regardless of whether they are authorized by Apple.
Comments
I'm not entirely sure this is correct. One of my apps complied with Sandboxing rules before thursday. Perhaps this is the first 'major' app to comply.
Quote:
Originally Posted by monstrosity
I'm not entirely sure this is correct. One of my apps complied with Sandboxing rules before thursday. Perhaps this is the first 'major' app to comply.
the headline states
Pixelmator being among the first major offerings to meet the forthcoming requirement.
Many network intensive apps are going to be a lot more complicated to sandbox than an image editing app.
This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features.
Not being a dumbass with how you access the net and things you click on is still the best defense
Quote:
Originally Posted by internetworld7
This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features.
Well given the security scares lately and given that Apple has twice extended the deadline, I think now is the time to finally comply.
I agree. Its about time that Apple has stayed with the current deadline. I don't think this move will reduce features I think developers are smart enough to keep the features they have as well as add new ones even with the restrictions in place. After all this is to help the consumer. Sure some of us are smart enough to not click certain links and stuff like that but you also have to remember, Apple is trying to create it to even people that do not understand technology can be protected and use their products without a worry. OS X 10.8 will help this even more with Gatekeeper.
Well that's nice, seeing how Toast can't even see my superdrive under Mountain Lion.
Quote:
Originally Posted by Cash907
my superdrive
retrooooo
It's even worse news for virus/spyware writers. As someone who cleaned a virus off my parents computer, this is a godsend
This is even worse news for virus/spyware writers. As someone who has cleaned a virus off my parents Mac, this is a godsend
Just another reason to not download apps from the App Store.
App Store is for mom-and-pop angry birds apps, not real applications.
Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing.
Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.
Quote:
Originally Posted by ifij775
As someone who has cleaned a virus off my parents Mac, this is a godsend
That didn't happen. It was something else.
Quote:
Originally Posted by enjourni
Just another reason to not download apps from the App Store. App Store is for mom-and-pop angry birds apps, not real applications. Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing. Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.
Stop the FUD, I want to get off!
Quote:
Originally Posted by internetworld7
This is certainly not good news for a lot of developers. Thankfully Mozilla is launching a beta version of it's own app store called Market Place which aims to compete with Apple's app store and Google Play store. Security is great but not at the cost of crippling software and reducing features.
Why? Sandboxing doesn't say an app can't do something. Sandboxing says an app can't do something it's not supposed to do, where the dev is the one who gets to say what it is supposed to do. Generally an app isn't the one doing the bad things, but other malicious code masquerading in the address space. Now there is one less way for malicious code to run unhindered. All for the price of devs specifying profiles that make sense.
Maybe a bit oversimplified, but sandboxing isn't some draconian NO! YOUR APP WILL NEVER DO SOME USEFUL THING! like many folks are trying to make it out to be.
Quote:
Originally Posted by Cash907
Well that's nice, seeing how Toast can't even see my superdrive under Mountain Lion.
That's not sandboxing being the problem, that's good old fashioned Toast bugs. 3rd party apps that don't use the sandbox profiles are unaffected by sandboxing. Sandboxing is only an issue for apps that want to be sold on the App Store.
Quote:
Originally Posted by enjourni
Just another reason to not download apps from the App Store.
App Store is for mom-and-pop angry birds apps, not real applications.
Welcome to the nerfing of Mac OS X. Pretty soon there will be no file system and no multitasking. All in the grounds of "safer" computing.
Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.
Purely made up, uninformed FUD, nothing else to say about that.
Quote:
Originally Posted by ascii
retrooooo
I was thinking "how quaint" myself
Quote:
Originally Posted by enjourni
Bet you by 10.9 they will no longer allow you to install apps unless they are from the App Store.
I'll take that bet. How much you willing to loose?
Quote:
Originally Posted by DocNo42
I'll take that bet. How much you willing to loose?
Bet him a fully speced-out Mac Pro Server. Doesn't matter if you don't need one.
… Okay, so you can pronounce "speced-out", but how in the world do you spell it?
Quote:
Originally Posted by Hiro
Why? Sandboxing doesn't say an app can't do something. Sandboxing says an app can't do something it's not supposed to do, where the dev is the one who gets to say what it is supposed to do.
Exactly. If you can show that yes your app needs to have access so X Y or Z to do its advertised task you are fine. But if it doesn't then it is on you to seal up the holes so that your app can't be hijacked by someone
And remember that this is only apps sold via the App Store and perhaps those signed apps. If you choose to stay out in the 'net without that signature and take the risk that the dumb granny types won't install your software (which likely does something they won't never need or understand anyway) thats on you.