Wil ShipleyVerified account

Small developers are stuck in a barely functioning, almost impossible to use sandbox while one of the largest is deleting our files.

Apple’s response will be, “More sandboxing would fix this!” It’s like arguing with a communist. “Well, more communism would work!”

@wilshipley like arguing with a capitalist.

@wilshipley that…is not a good argument.

@jimmyjamesuk123 Developer ID is a good solution because it allows Apple to disable apps after the fact, which is realistic.

@geekable @wilshipley @rosyna does developer Id act as a time machine? Undoing damage? Sandboxing contains damage.

@jimmyjamesuk123 @geekable @rosyna OH MY GOD. If it’s optional IT DOES NOT. I don’t want to keep going back to the beginning here.

@wilshipley @geekable @rosyna I have no idea what that sentence means. In any case. Don’t double down on your mistakes.

@jimmyjamesuk123 You have no idea what it means because you didn’t read what I said earlier?

@wilshipley Applications not delivered via MAS can still use the app sandbox.

@rosyna Point is, they do not. It’s opt-in, which, by definition, is NOT security.

@wilshipley I think you misunderstand the point of sandboxes, which is to limit access to known resources upfront.

@rosyna I think I understand sandboxes more than most, since I was the one who successfully argued for and got Developer ID from Apple.

@wilshipley That's much more about making it easier for developers to adopt sandboxing, since sandbox_init() predates developer IDs.

@wilshipley Sandboxes are *always* designed to be voluntary from the beginning. https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man7/sandbox.7.html#//apple_ref/doc/man/7/sandbox …

@rosyna Right, so they were designed to not be secure. And they don’t work well. So why force them on Mac App Store?