Re: More sandblasting (oops, I mean sandboxing die die die)
Re: More sandblasting (oops, I mean sandboxing die die die)
- Subject: Re: More sandblasting (oops, I mean sandboxing die die die)
- From: Todd Heberlein <email@hidden>
- Date: Mon, 03 Sep 2012 15:44:14 -0700
On Sep 3, 2012, at 2:58 PM, William Squires <email@hidden> wrote:
> I can see the benefit of taking a more security-related stance on a closed platform like iOS so as to make writing malware harder, but for a general-purpose computing platform, this'll just put unnecessary roadblocks in the way of newbies who want to develop for it… Unless Apple's geniuses can figure out a way to simplify the whole shooting match to a one-click solution! :)
> ...
> As it is, there's a whole sh*tload of steps between 2 and 4 now (and that replace step 3). Boo!
I see two problems Apple must address. The first is similar to your list. Key management is a real pain. I just started compiling code on a new machine and couldn't figure out why I couldn't properly sign my code. I looked and I had the developer certificates in my keychain.
The problem was that I didn't have the private keys too. I went back to my old development machine, exported the certificate and private key combo, and imported them into my new machine. Bingo, the problem is solved.
I *really* *really* wish that this workflow process was simpler and easier to debug. It would have helped if Xcode would be smarter than me and say, "Dummy, you have your developer certificates but not your private key. You need to sign code with the private key. Go get it. Here is a link explaining the process <link>."
Outside the issue of getting and managing private keys and public certificates, the process of Sandboxing is non-trivial. Apple is trying to capture "user intent" in code that is running outside your code, but "user intent" is kind of a nebulous concept. For file access, the primary approach is their PowerBox. For simple document-type apps this solution works OK, but there are a lot of cases where it fails.
There are far more talented and experienced Mac programmers than me who are running into limitations and planning on taking their next versions out of the Mac App Store (or so I've read). I hope they are able to provide constructive criticism to Apple for improving the current solution.
CONCLUSIONS:
(1) I wish Apple could simplify the key management process and make resolving problems easier. Key management is a baffling process to most people.
(2) I hope Apple listens to constructive criticism on improving their approach to capturing user intent. ("constructive" being the operative word)
Todd
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden