Apple In Trouble With Developers

geek writes "According to Marco Arment, the creator of Instapaper, Apple may be in trouble with developers. According to Arment, the new sandboxing guidelines from Apple are pushing developers away in droves. 'I've lost all confidence that the apps I buy in the App Store today will still be there next month or next year. The advantages of buying from the App Store are mostly gone now. My confidence in the App Store, as a customer, has evaporated. Next time I buy an app that’s available both in and out of the Store, I’ll probably choose to buy it directly from the vendor. And nearly everyone who’s been burned by sandboxing exclusions — not just the affected apps’ developers, but all of their customers — will make the same choice with their future purchases. To most of these customers, the App Store is no longer a reliable place to buy software.' Arment also comments on the 'our way or the highway' attitude Apple often takes in these situations and how it may be backfiring this time around."

New sand boxing guidelines?

[hsmith]

Apple hinted to sandboxing being mandatory at WWDC11, they announced it would happen later that year, then forced everyone to a few months ago. So, where does this "new" come from exactly?

Re:As an Apple hater, I disagree.

[dgatwood]

Did you know there is no setting which allows an application to write files in a user selected folder, no you have to ask the user for every file to save manually.

That's not true at all. The standard com.apple.security.files.user-selected.read-write entitlements can handle that very easily. All you have to do is use a standard open dialog to let the user choose a folder, and then write arbitrary crap into that folder or any subfolder within it. Then, save a security-scoped bookmark to that folder if you need to retain access to that folder on future launches. Where things get awkward with that arrangement is when the user copies those files to another machine or restores from a backup. At that point, you'll have to ask the user to open the folder containing the file "foo.wav" or whatever. Then, you can scour the files in there, create security-scoped bookmarks for all of them, and repeat for any other folders full of files.

A much better solution for that problem is to store each project in a self-contained bundle (a folder with an extension, e.g. a .rtfd file, as supported by TextEdit). If you do that, everything just magically works, because instead of opening a project file, the user is opening a folder that contains everything related to a given project. For obvious reasons, that approach is strongly recommended unless you absolutely have to reference files outside of the project for some reason.

Also I want to make screenshots and mail the screenshot,preferences file and log file to me, when the user has a problem he likes me to look at.

That isn't allowed because you aren't allowed to see other apps' windows. It would be a fairly serious security violation if an app could take pictures of other apps that are running and then mail them to the app developer. The same goes for log files that contain data from other applications, preferences files written by other applications, etc. However, there is no reason you can't capture an image of each of your own windows, store a copy of your own log messages in your own file, or send your own preferences file.

The big deal about sandboxing

[goombah99]

I suspect people reading here dont' have a clue about sandboxing or what a BFD it is. Sandboxing is massively overdue. It's been available for years and years in OSX but there has been a zero adoption rate. I came across it in Xgrid, an apple application which relied heavily on it.

Xgrid is a job server that lets other people run jobs on your computer---safely. How the heck do you do that safely and still have left an environment that can do anything at all. You can't do this with linux permissions or firewalls. But you can with sandboxing. in sandboxing you specify in detail what resources every application has access to. What parts of the file system it can't see even if it has unix permissions. What parts of a network it can access. How much memory it can use. etc... It's a universal wrapper that can be created for every program.

Since firefox can be wrapped it's insane to use any browser without wrapping. If some roque plug in contains the ability to do something nasty you dont' care because it can't. it can't access resources it needs. You are essentially shutting down bad behaviour not bad apps.

So why is it not default?

Cause it's annoying to set up. If you take shortcuts in your application based on giving it more privledges than it needs you get punished by the sandbox.

lazy developers hate it.

time to force the issue. it's good for consumers.

It doesn't do anything for apple, other than make the OS better.