Michael Tsai
Adobe Creative Cloud Installer Deleting Hidden Files: http://mjtsai.com/blog/2016/02/12/adobe-creative-cloud-installer-deleting-hidden-files/ … #mjtsaiblog
-
@mjtsai No, it's so the developers can define the resources they need up front. This prevents bugs/bad coding from accessing other resources
Rosyna Keller
@rosyna I don’t remember that being presented as the main motivation. I don’t think anyone’s worried about apps accidentally printing.
-
-
@mjtsai That was the only motivation when sandboxing was added to OS X for system services, which was before the Mac App Store existed. - View other replies
-
@rosyna I’m not sure how the original reason the technology was developed is relevant to the policy decision about using it now. -
@mjtsai Because it's never been used to protect against malicious apps. As I said, those apps can always ask the user which files to destroy - View other replies
-
@rosyna Apple’s docs says "Enable App Sandbox to Minimize Damage from Malicious Code". https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html … -
@mjtsai Yes, malicious code that hijacks and exploits a security vulnerability in your app. -
@rosyna Where is that code running? And why wouldn’t it also be able to make the app ask the user which files to destroy, as you say? -
@mjtsai the malicious code runs inside the legitimate app. That's how all flash exploits work. A user would notice an unusual dialog. - View other replies
-
@rosyna So you’re saying that the reason the Mac App Store requires sandboxing is to protect against Flash, which most apps don’t use? - Show more
-
-
Gwynne Raskind
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.