Re: Sandbox Clarification
Re: Sandbox Clarification
- Subject: Re: Sandbox Clarification
- From: Graham Cox <email@hidden>
- Date: Fri, 01 Feb 2013 10:13:27 +1100
On 01/02/2013, at 1:24 AM, Sean McBride <email@hidden> wrote:
> You are conflating issues. They are only "useless in practice" if you distribute with the app store. If you distribute otherwise, they are plenty useful: you can use the temp entitlements to get other App Sandbox benefits even if you grant yourself full file system access. At least then if your app is compromised there is still protection for network, microphone, camera, etc. It's all about limiting the attack surface after all...
I still maintain that sandboxing is a solution in search of a problem. If I'm distributing outside the app store, it's simply much easier not to sandbox. The benefits of the "protection" it offers are entirely theoretical, whereas dealing with the limitations, bugs and performance problems it brings are very real.
But we've had this conversation; it's been done to death. I don't think it's worth rehashing.
--Graham
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden