Further to our story last week about concerns and frustrations relating to Apple’s insistence that applications distributed via the Mac App Store are sandboxed, today we are looking at what developers are doing to meet Apple’s sandboxing requirements.
Rather than update their apps some developers are considering removing them from the Mac App Store altogether. Others have decided to maintain more than one version of their app. And some have accepted that they will have to lose functionality. In some cases developers are refusing to do anything because Apple keeps changing the guidelines for sandboxing and they don’t want to waste development time on making changes that may become unnecessary. While other developers are concerned that making the changes required by Apple may break their apps.
Open Planet’s Karen MacLean told us: “We understand Apple's desire to move to sandboxing and are generally very supportive of it, but we are being cautious. Our big concern at the moment is that sandboxing is a one-way process; once an App has been sandboxed it cannot be un-sandboxed. The worst thing that could happen from our point of view is that we release an update that breaks functionality, especially if we are powerless to fix it.”
She added: “At present sandboxing appears to be varying with each release of the OS and it has the feel of a technology still in Beta. If there is an issue, all the end-user sees is that your App no longer works and this could be very damaging to a small company like ours.”
Like Open Planet, developers at Literature & Latte are also concerned about addressing sandboxing before they feel Apple has ironed out exactly what the requirements are. “Because sandboxing has been evolving rapidly over the past few months, I've been biding my time to see what will happen. So many things have changed with each Lion update and developer preview that I didn't want to have to rewrite my code every two weeks, especially given that sandboxing has been postponed twice before,” said Blout from Literature & Latte, although he admitted: “At the same time, I'm actively working on ensuring Scrivener works well under sandboxing - so that our Mac App Store users can rest assured that Scrivener is as secure as other apps they use - while striving to keep the same level of functionality for all our users.”
Other developers will work on implementation of changes in their own time, rather than being dictated to by Apple. Cognito’s Grant Cowie told us: “All of our software is available through distributors and from our own web store, and is updatable from our own update server. We intend that this will continue to be our primary sales channel on desktop platforms. We will incorporate sandboxing (on our schedule, not Apple's) provided it can be done without removing critical functionality from the software.”
The fact that sandboxing can limit the applications is another reason why developers aren’t rushing to fulfil Apple’s requirements. “The biggest issue with sandboxing is that it severely limits integration with other applications,” said Cowie. “Accounting software that creates invoices in your email program, for example, won't be able to do so without an entitlement exception, so the application functionality would need to be removed.”
Boinx Software’s Oliver Breindenbach also expects that there may be some challenges in meeting the requirements of Sandboxing: “Since a lot of data flows in and out of our apps, we might have to make some adjustments,” he noted.
Open Planet’s MacLean notes another challenge that could be caused by the implementation of sandboxing: “For example in educational institutions there are typically multiple students logging in to shared Macs so it makes sense to have shared licenses and other resources on these machines, but this is not possible in a sandboxed environment. I'm sure we will find a way to work around these issues,” she told us.
Confusion and concerns And why isn’t Apple listening?
What is sandboxing? And will it work?
Is there really a Mac security threat? And will Sandboxing remove it?
The case of the evolving sandbox guidelines And how Apple needs to get its act together