Sandboxing and the Mac App Store

As I met with developer friends at Macworld this year, a common discussion point was Apple’s forthcoming implementation of sandboxing on the Mac. As part of the continuing effort to keep the Mac secure, Apple is preparing to require that all apps sold through the Mac App Store comply with Apple’s sandboxing rules. Sandboxing in Mac OS X is the process of requiring apps to obtain permission for access to different parts of your Mac’s memory and file system. For instance, if you create a text editor app, you shouldn’t need access to the Mac’s Address Book database. Indeed, making an app that seems harmless but then grabs and uploads personal information and data is exactly the kind of behavior Apple seeks to prevent. In essence, sandboxing partitions the different areas of your Mac, giving software developers access only to those particular assets their apps reasonably require. A photo editing app, for instance, will not get access to your admin files. A calculator will not get access to your documents folder. I’m simplifying, but you get the point.

As such, Apple is adding sandboxing to Mac OS X. Sandboxing makes a lot of sense. It worked out really well for iOS and now Apple wants the same level of security on the Mac. However, there still are a lot of questions. For instance, what about apps that necessarily need to work across your Mac? Macro applications and text expansion tools work within several apps and, by their very nature, need access throughout your system in order to serve you. Likewise, some of our favorite productivity apps use small menu bar apps to provide an ever-present gateway into their functionality. Another example is FTP clients that allow you to upload files from anywhere in your computer. All of these applications are incredibly useful. Unfortunately, it also appears that all of these applications would violate Apple’s looming sandboxing rules.

Nothing is set in stone yet. The policy hasn’t been made final or implemented. However, the writing is on the wall and longtime Mac app developers are concerned. Are Apple’s efforts to implement sandboxing going to kill their apps? Nobody knows; everyone is worried.

At some point, Apple is going to throw the switch and start vetting all apps submitted for sale in the Mac App Store. Apps that don’t meet the sandboxing standards, it appears, will not be sold through the Mac App Store. This is a serious problem for app developers as users become more and more accustomed to buying their applications exclusively through the Mac App Store. (I buy nearly all of my apps there.) Moreover, it is not beyond the realm of possibility that one day the only way you can buy an app will be through the Mac App Store.

Sandboxing was originally set to begin in November 2011. As both Apple and developers struggled to understand exactly what this meant, the deadline was pushed back further. Frankly, having talked to several developers, it seems like there is still a lot of confusion over sandboxing and, in my opinion, this should get pushed back to the next major Mac OS X release, 10.8.

While I have no objection to the idea of sandboxing on the Mac, I hope that Apple doesn’t throw out the baby with the bathwater. From the outside, it appears that the Apple steamroller is gassing up and a lot of our favorite apps are sitting in its path. I believe there is a middle path here. Sandboxing can work if Apple is willing to consider being reasonable with apps that necessarily require broad access to your Mac, particularly from established developers. Maybe the reason this keeps getting delayed is that Apple is internally figuring out how to make that happen. Regardless, I can report that many developers are agitated about the possibility of sandboxing rolling them over in the future. I can only hope Apple will use enough foresight to keep that from happening. It would be a shame if we lost some of our favorite apps in this effort to make the platform more secure.

So, as users, what does all of this mean for us right now? It is hard to say. We could be looking at a serious threat to some of our favorite software or we could be tilting at windmills. Hopefully it is the latter, not the former. In the meantime, as a software purchaser, this causes me to pause with respect to purchasing applications in the Mac App Store. While generally I’m a big fan of the Mac App Store, when it comes to apps that could potentially tread on the sandboxing rules, I’m hesitant. My concern is that they will eventually be banned from the Mac App Store, and any licenses I purchased there will no longer be available to me. As a result, if it’s an app that may run afoul of these new rules, buy it from the developer directly for now. Maybe in six months this will work out and not be a problem, but why take the risk?