All change for developers after Apple's sandboxing decree

Developers are having to embrace a host of restrictions if they are to continue creating apps for Apple's Mac Store.

From March 2012, developers creating apps for sale in the Mac App Store will be obliged to employ sandboxing in order to make apps less likely to fall victim to malicious attack.

In an email to registered developers sent last week, the company explained that they had intended to make sandboxing compulsory as early as this November but had delayed the requirement until early spring.

Sandboxing is a method which developers use to limit exposure to system processes so an application is run in a protected environment with a limited set of resources making it much more difficult for hackers to gain access.

Developers are now faced with a host of challenges, however, Apple has stipulated a list of system processes, or 'entitlements' listed below:

Read-only access to the user’s Movies folder and iTunes movies

Read/write access to the user’s Movies folder and iTunes movies

Read-only access to the user’s Music folder

Read/write access to the user’s Music folder

Read-only access to the user’s Pictures folder

Read/write access to the user’s Pictures folder

Capture of movies and still images using the built-in camera, if available

Recording of audio using the built-in microphone, if available

Interaction with USB devices

Read/write access to the user’s Downloads folder

Read-only access to files the user has selected using an Open or Save dialog

Read/write access to files the user has selected using an Open or Save dialog

Child process inheritance of the parent’s sandbox

Outgoing network socket for connecting to other machines

Incoming network socket for listening for requests from other machines

Read/write access to contacts in the user’s address book

Read/write access to the user’s calendars

Use of the Core Location framework for determining the computer’s geographical location

Printing

In addition, Mac App Store apps will not have access to other processes and access for applications not distributed through the App Store would be unaffected. Access to select other non-sandboxed processes will be restricted but Apple plans to phase this out eventually. However, developers must request access or risk rejection and the changes mean that functionality of these apps will be reduced.

While the new stipulations may see developers forced to promote their apps in other places, the fact remains: Apple makes the rules when it comes to the apps it sells in its own store and developers know that this is the way increasingly that Mac users discover what they have to offer.

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.