Sandboxing

Since Apple began requiring that developers submitting applications to the Mac App Store sandbox their products, the decision has remained somewhat controversial. Two years after the rule went into effect, it continues to preclude a number of great apps from sharing in the spotlight Apple so generously — and to such great effect — sheds on its platform’s developers by featuring their creations on the store’s front page. Nevertheless, by allowing users to continue downloading and installing programs from outside locations, Apple has avoided any significant amount of criticism; in fact, by presenting it as the security boon that it inarguably is, Apple has led many to praise this decision as a benefit for all. And in reality, that is exactly the case: everyone, from developer to consumer, benefited from this stipulation, including Apple itself.

At a very high level, in order to qualify as sandboxed, developers must write their apps in such a way that they can function without the need of information outside that which the user inputs into said application. The actual distinction is much more nuanced and complex, but for simplicity’s sake assume this covers at least the basic concept. Put differently, when written according to these guidelines, the result ought to work regardless of other apps and services installed on a given machine; its self-reliance demands that, for the most part, all the necessary features and functionality be built in and accessible to the app every time it runs.

As I thought about this the other day, it dawned on me that perhaps Apple’s move to sandboxing on OS X and the associated boost in security was not a goal in and of itself, but rather an incidental benefit flowing from their shift to annual release cycles and the resulting necessity to have fast development among small teams. In this way, on top of the security benefits that come naturally from restricting applications from accessing each other’s data, this then-newfound mantra would have also made it much easier for Apple to develop by department — they can develop in their own sandboxes now, if you will forgive the bad joke, and thus spend less time and energy worrying about app interoperability and more valuable time and energy focusing on creating great products. Because, after all, in the end it is the resultant experience with which Apple is truly marketing itself and attaining fantastic success.

This is no earth-shattering revelation, I will readily admit, but rather little more than a potentially interesting observation I happened upon one day as my mind wandered from one indeterminate thing to another just as wispy thought. But it is my hope that some will find this somewhat interesting, and if at the end of the day I have pushed just one person to thought, then I will have succeeded.
