I use a number of tools for things like security scanners that allow me to see if there are any holes in my setup, so I can patch them. The same technique can be used for good or ill. So what’s the difference, other than intent and use of the data? Well, nothing. Handy, no?īut if you’re an evil dev, then you look for things like phone numbers or numbers separated by a ‘random’ dash or space, or the heck with it, just copy everything typed, and send it out to a server somewhere. You type, say “mosx” and poof! “Mac OS X” appears on your screen. Now, if you’re an awesomely cool dev like Smile Software, there’s no harm. For example, by reaching into another application’s process, and oh, I don’t know, monitoring everything the human types, and taking predermined action if the “right” thing is typed. So okay, sandboxing is designed to protect against malicious code exploiting an application. Turns out not everyone is happy with Apple’s sandboxing rules App Sandbox also minimizes the damage from coding errors in your app or in frameworks you link against. But first, let’s see a tl dr explanation of sandboxing:Īpp Sandbox provides a last line of defense against stolen, corrupted, or deleted user data if malicious code exploits your app. I find all this somewhat amusing and depressing because all I can think is “ …and you’re SURPRISED by this?” If you have even a conceptual grasp of sandboxing, the fact that TextExpander’s new version won’t be in the Mac App Store should be about as surprising that one won’t find daisies growing in a tar pit. So, a story tailor-made for the “blogosphere” hit recently, of the new version of TextExpander 4, and how it’s a “victim of sandboxing.” ( If you say that like you’re an 80-year-old southern belle reaching for her hankerchief and fainting couch, you get the general mood of things.)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |