Apple Pushed Implementation Of Sandboxing Requirement In Mac App Store To March

Among the user-interface changes in OS X 10.7 (Lion), Apple also included a number of changes in the security model that may affect customers of Mac App Store in the near future. One of them is a sandboxing system which can prevent third-party apps from causing damage.

As ArsTechnica explains, running an app within a sandbox could minimize the damage in case this app is compromised by malware. Sandboxed application can’t do many things that a normal app could do. For example, normal app has the ability to delete all files owned by the user, but well-behaved app will not do it. However, if the app is compromised it can be forced to cause some damage.

Apple allows performing user initiated processes that override the sandbox, but actions initiated by sandboxed applications will not be allowed. Thus, inter-app interactions and scripting as well as system-wide file access will not be restricted.

Originally, Apple had informed developers that sandboxing would be requirement for apps in the Mac App Store as of November, 2011, but today the company emailed the developers that it will come into effect on March 1.

Sandboxing will certainly strengthen the security of app in Mac App Store, but there have been some concerns that its implementation will stifle innovation and features on the Mac platform.

In October Jason Snell said that he know that some developers will delete some features from their apps in order to meet Apple’s sandbox requirements. Among the applications that will be affected are inter-app communication, apps for browsing the file system, keyboard shortcut apps, backups and file syncing utilities.

With the new delay, some developers expressed hopes that Apple may be working on better solution than excluding these apps from the Mac App Store.