Apple to require sandboxing in Mac App Store apps as of March 2012

People need to get over the fact that Carbon is dead. It was intended as an API bridge between C code and Objective C code, and it's over and done.

The death knell for it was when inodes when to 64 bits, but the (binary format) file ID compatibility system was 32 bits and incapable of being extended in a backward compatible way. This happened in Leopard as a result of XSan requiring a 64 bit inode because it split up the inode space into a 32 bit node/filesystem ID and a 32 bit inode number on that resource to attempt to provide more or less globally unique inode numbers.

As time goes forward, there's going to be less and less support for Code Warrior code -- the one real argument for writing Carbon code. Motorolla sold off the Intel version of the Code Warrior compiler two weeks before Apple announced the Intel switch, and that was years ago, so it's never been truly supported on Intel in any case.

Get over it.

I'd already decided to give Lion a miss. It's turning into Mac OS X Vista.

Speaking purely from a security perspective, the idea of sandboxing virtually 100% of user applications is a wonderful thing. The main reason why Windows and Mac are targets for virus authors is because user applications can run on the same level as the OS kernel. By forcing applications to be sandboxed by default, it adds an additional layer of protection to your machine that would make virus exploits much more difficult (note: not impossible, but definitely more difficult).

Some will argue that all these restrictive measures of sandboxing and gatekeepers like the Mac App Store will "kill personal computers." Sure, I will be sad to see a day where I have to "jailbreak" my laptop just to be able to run whatever applications I want, but I don't think that will happen. Mac OS X, like Windows, is in a transition, one that comes with some negatives but also some positives. It's going to work itself out in the end, so it's okay.

Call me an Appleholic but I don't see a problem at all. Unlike iOS's App Store, ones can always distribute their software without the App Store. User-friendliness including security is what makes the Store sounds. IMHO, the objective of the App Store is to help customers attempting new things, rather than a playground for developers to find guinea pig for half-baked toys. So sandboxing should be a "must" at the beginning.

I'm worried about how this would effect ports of applications that were originally written on Windows; games come to mind. I'm not a programmer, but I wonder how much more difficult it would be for popular games to be brought over, as I'm under the impression that they bypass some Windows system calls for a gain in speed.

Chris, Thank you for an insightful and well written article about this subject. It could have been fanboyism, it could have been cutting corners (which could have resulted in heated comments). I think it is just well written.

Well done!

one word (or two actually): mac jailbreak.

Im not negative to the idea of Mac App Store only, but as long as people still can make plugins to apps like Logic, Aperture and so on, I guess everyone is happy.
As at is is now, mac store apps can't be plugins to other apps.

Sandboxing is only supported on OS X 10.7. Does that mean that from March 2012 on, no Snow Leopard compatible apps will be available from the App Store?

Well, the path is pretty clear. After they require Mac App Store apps to be sandboxed, the next gen of the OS will then require that ALL apps be sandboxed. Current apps sold independently will have a year to convert to sandbox protocols or will not run. Wait and see. Its in the cards. Ahhh... the final push of the knife will be one more OS upgrade. That one will allow all apps that are on your computer to run, but new apps will HAVE to come from the Mac App Store. CHECKMATE !

Where is that discount coupon for Windows 9 ? ;)
-Ric