Daniel Jalkut
If Apple strived to make the Sanbdbox fulfill more needs, I think many more apps would be sandboxed. Four years ago: https://red-sweater.com/blog/2324/fix-the-sandbox …
-
In this scenario, an app like Adobe’s might have "I need to delete /.adobe", and the system would prevent it deleting /.bzvol.
Because Apple’s sandboxing limitations are so rigid, some developers who would otherwise "do the right thing" won’t even bother trying.
-
-
@danielpunkass I haven’t had to use an adobe product in 3 years#blessed -
.
@jsatk Adobe Creative Cloud. You don't know what you're missing.™ - Show more
-
-
-
@danielpunkass We develop kexts & drivers and their userspace clients. There’s no “can talk to kext” entitlement, so our options are: -
@danielpunkass (a) allow every unsandboxed app to talk to our kext and run our daemon with dropped privileges, or… -
@danielpunkass …(b) only allow processes running as root to connect to our kext, but then our daemon has to run as root, unsandboxed. -
@danielpunkass So we’re screwed either way; if we contain the daemon, the kext is wide open, if we contain the kext, the daemon is wide open -
@danielpunkass What would be awesome: (a) give kexts ability to authorise clients with more granularity (Signed with certain developer ID?) -
@danielpunkass and (b) let sandboxed processes talk to kexts, so we can lock our daemons the hell down. -
@danielpunkass I get the impression that Apple would prefer to get rid of kexts and daemons altogether though so I guess that won’t happen.
-
-
@danielpunkass There are such diminishing returns; I feel like Apple has no interest in ‘finishing the job’ for <1% of apps. -
@danielpunkass totally agree. I’d love to use the update and licensing from App Store. But with sandbox unit and review delays I can’t. -
@danielpunkass my new@DejalTimeOut 2 app was sandboxed, but I had to disable the sandbox to make Sparkle work. So it’s not just Apple.
Jesse 
Phil Dennis-Jordan
Will Cosgrove
Matt
David Sinclair
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.