Gatekeeper, Sandboxing and the Evolution of OS X Apps


Since personal computers became a thing, we've always been free to install any app we like as long as the code was compatible on a very basic level. No approval processes. No regulation. OS X has been no exception. But this week, two things happened in Appleland that could change that entirely. The introduction of OS X Mountain Lion with its new security features, and an updated developer policy in the Mac App Store.


Included in the latest version of OS X is Gatekeeper, a security feature intended to protect users from malicious software. It sounds fine on paper, but Gatekeeper's three settings tell the story: allow apps from the Mac App Store only; from the Mac App Store plus "identified developers" (apps signed with an Apple-issued Developer ID certificate); or from anywhere. The strictest of the three limits app installs to those purchased and downloaded through the Mac App Store. Curious, no?

And then today, word broke via the developer Atlassian that the Mac App Store has adopted a more rigorous attitude towards sandboxing. One that all but breaks apps, or at the very least ruins the user experience, for any app attempting to be more than a document editor.

In very plain terms, sandboxing is a way to protect the rest of your computer from potentially harmful apps. Think of your app like a timebomb. When you sandbox it, you are putting it in a bomb-proof room, so that if it explodes (in this case, with viruses and malware), it doesn't destroy the rest of the building (in this case, your computer).

Apple sees sandboxing as such:

App Sandbox is an access control technology provided in Mac OS X, enforced at the kernel level. Its strategy is twofold:

App Sandbox enables you to describe how your app interacts with the system. The system then grants your app the access it needs to get its job done, and no more.

App Sandbox allows the user to transparently grant your app additional access by way of Open and Save dialogs, drag and drop, and other familiar user interactions.

Atlassian on the other hand, sees it like this:

Sandboxed applications…

only have automatic file access to their 'Container', which is a chroot-like setup for just that single application, with local versions of the user home directory, preferences folders, and so on

can only access other file locations if the user gives explicit access via an 'Open File' dialog, a recently-used file list, the restoration of windows in Lion, or drag/drop

cannot even necessarily have knowledge of the path to the 'real' user home directory, only to the container version

cannot send Apple events to communicate with other applications

Third-party apps such as the to-do list Anxiety would be affected by this change. Anxiety automatically exchanges data with the to-do list in Apple's iCal. Under the latest Apple policy, that would no longer be allowed without serious user prompting and tweaking that would disrupt the UX.
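The difference between Apple's description and Atlassian's list comes down to the entitlements an app ships with: the sandbox grants only what the entitlements ask for, and anything beyond container access (user-selected files, the network, Apple events to another app such as iCal) must be declared. Below is an added example, not code from the article, Apple or Atlassian, that audits an entitlements plist of the kind `codesign -d --entitlements :- SomeApp.app` prints (the leading colon strips the binary blob header) and reports how much of the sandbox has been opened back up. The sample plist and the bundle identifier it targets are constructed for this example; the entitlement key names are Apple's.

```python
import plistlib

# Constructed sample entitlements, written for this example. It is shaped
# like the output of `codesign -d --entitlements :- SomeApp.app` for a
# sandboxed Mac app; it is not the entitlements of any real product.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.security.temporary-exception.apple-events</key>
    <array>
        <string>com.apple.iCal</string>
    </array>
    <key>com.apple.security.temporary-exception.files.home-relative-path.read-write</key>
    <array>
        <string>/Library/Application Support/SomeApp/</string>
    </array>
</dict>
</plist>
"""

SANDBOX_KEY = "com.apple.security.app-sandbox"
# Powerbox entitlements: access the user extends through Open/Save dialogs
# and drag/drop. Later entries win if both are present.
USER_SELECTED_KEYS = {
    "com.apple.security.files.user-selected.read-only": "read",
    "com.apple.security.files.user-selected.read-write": "read/write",
}
NETWORK_KEYS = (
    "com.apple.security.network.client",
    "com.apple.security.network.server",
)
# Every temporary-exception entitlement pokes a hole in the sandbox and is
# the first thing a reviewer looks for.
TEMP_EXCEPTION_PREFIX = "com.apple.security.temporary-exception."
APPLE_EVENTS_KEY = TEMP_EXCEPTION_PREFIX + "apple-events"


def audit_entitlements(plist_bytes):
    """Parse an entitlements plist and summarise the sandbox it asks for.

    Returns a dict with keys: sandboxed, user_selected_files, network,
    apple_event_targets and temporary_exceptions.
    """
    ents = plistlib.loads(plist_bytes)
    sandboxed = bool(ents.get(SANDBOX_KEY, False))

    user_selected = None
    for key, level in USER_SELECTED_KEYS.items():
        if ents.get(key):
            user_selected = level

    network = [k.rsplit(".", 1)[1] for k in NETWORK_KEYS if ents.get(k)]
    exceptions = {k: v for k, v in ents.items()
                  if k.startswith(TEMP_EXCEPTION_PREFIX)}
    apple_events = list(exceptions.get(APPLE_EVENTS_KEY, []))

    return {
        "sandboxed": sandboxed,
        "user_selected_files": user_selected,
        "network": network,
        "apple_event_targets": apple_events,
        "temporary_exceptions": exceptions,
    }


def review_findings(report):
    """Turn an audit report into the lines a reviewer would want to read."""
    lines = []
    if not report["sandboxed"]:
        lines.append("NOT SANDBOXED: the app runs with the user's full access")
        return lines
    lines.append("sandboxed: automatic file access limited to the app container")
    if report["user_selected_files"]:
        lines.append("user-selected files: %s via Open/Save dialogs and drag/drop"
                     % report["user_selected_files"])
    else:
        lines.append("no user-selected file entitlement: Open/Save dialogs extend nothing")
    for name in report["network"]:
        lines.append("network: %s connections allowed" % name)
    for target in report["apple_event_targets"]:
        lines.append("temporary exception: may send Apple events to %s" % target)
    for key, value in report["temporary_exceptions"].items():
        if key != APPLE_EVENTS_KEY:
            lines.append("temporary exception: %s = %r" % (key, value))
    return lines


if __name__ == "__main__":
    for line in review_findings(audit_entitlements(SAMPLE_ENTITLEMENTS)):
        print(line)
```

Run against real output by piping `codesign -d --entitlements :- /Applications/SomeApp.app 2>/dev/null` into the script's stdin and calling `audit_entitlements(sys.stdin.buffer.read())`. An app whose report lists an `apple-events` exception is exactly the Anxiety-and-iCal case above: the integration still works, but only because Apple accepted a temporary exception, and those are granted at review time, not by the user.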


That said, the real severity of these changes remains to be seen and will be dictated by how developers adapt to them, but it makes you wonder about what direction Apple really intends to head in.

When badgered about his decision to stop supporting Flash-based technology on Apple platforms, Steve Jobs would point to the open-source Darwin foundation OS X is built on, and the level of freedom all of us have to tinker under the hood. Though iOS had been locked down for the sake of UX, it seemed damn near certain that OS X would always maintain some degree of unfettered freedom.


But Apple has also all but laid bare its desires to make OS X and iOS very similar, if not one and the same. iOS of course, has a more rigorous approval process for its apps, and rarely do those apps get unchecked access to the deepest layers of iOS.

As such, that free-rein approach to OS X has begun to shift. The introduction of the Mac App Store was the first indicator, and it has slowly given Apple more control over which apps run natively on its computers. Apple took that one step further with the initial introduction of its app sandboxing policy in November, which limited the amount of system access apps had without specific permission.


And now, with the latest two occurrences, the questions can no longer be avoided. Will OS X become a closed platform? Will HTML5 web apps be Apple's alternative to

The way HTML5 is shaping up, we might not even feel the effects of a closed platform (with the exception of offline app use, maybe). Google of course, believes in the power of HTML5 as a platform, and maybe Apple is leaning in the same direction.


But Apple's willingness to let us go and explore through the deepest, darkest corners of OS X, and in many a case, improve on it, is what attracted so many advanced users to the platform to begin with. It's what allowed the fundamental core of the OS to have such a long life span. If Apple takes that away, you have to wonder if they'll be closing themselves off to unexplored ideas, and untapped potential for their products.



Hypocrisy, thy name is Apple.

When CS6 is released, the only reason to keep my MacPro1,1 around is for Final Cut. I'm moving back to Windows and buying a decent Windows laptop to replace my aging MacBook Pro. I'm done with the heavy-handed bullshit.