Apple and Sandboxing Programs on Mac OS X

It would seem that Apple is moving towards further convergence of iOS and Mac OS X in terms of their control of what gets installed and how those installed programs operate and interoperate within the OS.

One of the security innovations of iOS is sandboxing. To sandbox a program means to run a program within a secure space that limits its access to files on the systems, to other processes running, and to hardware. Essentially, the program is walled off from everything else in the running OS. This is good for security, because a single compromised app cannot bring down the rest of the OS or delete/damage files in the sandboxes of other programs or subvert the OS by direct access to the system hardware.

There are two reasons why sandboxing programs on Mac OS X bothers me:

1) Apple is enforcing these changes through its Mac App Store. Developers need Apple’s App Store more than Apple needs the developers. Apple realizes that a centralized marketplace with its ease of use will encourage users to buy and install programs from the App Store more readily than through traditional boxed software or shareware. It is only another step after making developers build their software to be sandboxed to enforce an install new programs only through the Mac App Store.

2) If all programs eventually must be sandboxed to run on Mac OS X, then the ability to multitask in several programs drawing on a shared set of files will be a pain. Perhaps through iCloud or other cloud services, it will be possible to access files across apps, but I like to have my files stored locally in one place that I can easily locate and backup on my own. This kind of new app behavior will disrupt my workflow to the point that I would have to reinvent the workflow wheel.

We do not yet know if Apple will enforce sandboxing for any application installed on Mac OS X including those not obtained through the Mac App Store, but we do know that Mac App Store developers have until March 1, 2012 to implement sandboxing and submit their apps for approval for additional privileges [read more here on TUAW]. There are already over 500 comments on Slashdot regarding this news here.

I am a professor of English at the New York City College of Technology, CUNY whose teaching includes composition and technical communication, and research focuses on 20th/21st-century American culture, science fiction, neuroscience, and digital technology.

Tagged with: , , , ,
Posted in Apple, Computers
Who is Dynamic Subspace?

Dr. Jason W. Ellis shares his interdisciplinary research and pedagogy on DynamicSubspace.net. Its focus includes the exploration of science, technology, and cultural issues through science fiction and neuroscientific approaches. It includes vintage computing, LEGO, and other wonderful things, too.

He is an Assistant Professor of English at the New York City College of Technology, CUNY (City Tech) where he teaches college writing, technical communication, and science fiction.

He holds a Ph.D. in English from Kent State University, M.A. in Science Fiction Studies from the University of Liverpool, and B.S. in Science, Technology, and Culture from Georgia Tech.

He welcomes questions, comments, and inquiries for collaboration via email at jellis at citytech dot cuny dot edu or Twitter @dynamicsubspace.

Archives

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 851 other followers

Blog Stats
  • 492,057 visits