All change for developers after Apple's sandboxing decree
Developers are having to embrace a host of restrictions if they are to continue creating apps for Apple's Mac Store.
From March 2012, developers creating apps for sale in the Mac App Store will be obliged to employ sandboxing in order to make apps less likely to fall victim to malicious attack.
In an email to registered developers sent last week, the company explained that they had intended to make sandboxing compulsory as early as this November but had delayed the requirement until early spring.
Sandboxing is a method which developers use to limit exposure to system processes so an application is run in a protected environment with a limited set of resources making it much more difficult for hackers to gain access.
Developers are now faced with a host of challenges, however, Apple has stipulated a list of system processes, or 'entitlements' listed below:
Read-only access to the user’s Movies folder and iTunes movies
Read/write access to the user’s Movies folder and iTunes movies
Read-only access to the user’s Music folder
Read/write access to the user’s Music folder
Read-only access to the user’s Pictures folder
Read/write access to the user’s Pictures folder
Capture of movies and still images using the built-in camera, if available
Recording of audio using the built-in microphone, if available
Interaction with USB devices
Read/write access to the user’s Downloads folder
Read-only access to files the user has selected using an Open or Save dialog
Read/write access to files the user has selected using an Open or Save dialog
Child process inheritance of the parent’s sandbox
Outgoing network socket for connecting to other machines
Incoming network socket for listening for requests from other machines
Read/write access to contacts in the user’s address book
Read/write access to the user’s calendars
Use of the Core Location framework for determining the computer’s geographical location
In addition, Mac App Store apps will not have access to other processes and access for applications not distributed through the App Store would be unaffected. Access to select other non-sandboxed processes will be restricted but Apple plans to phase this out eventually. However, developers must request access or risk rejection and the changes mean that functionality of these apps will be reduced.
While the new stipulations may see developers forced to promote their apps in other places, the fact remains: Apple makes the rules when it comes to the apps it sells in its own store and developers know that this is the way increasingly that Mac users discover what they have to offer.