The Mac App Store and the trouble with sandboxing

Apple's requirements for apps sold in the Mac App Store prevents many useful utilities from being made available. Should Apple change its tune on sandboxing?

I've written before about some of the limitations that Apple imposes on game developers who want to sell their games through the Mac App Store. The problem isn't limited to games — Apple's rules for how Mac App Store apps work keep lots of different apps from being distributed.

The year after the Mac App Store launched, Apple announced that apps sold using the service would have to be sandboxed. Sandboxing is a security technique that's been around since the dawn of iOS apps — it restricts the access that an app has to other user data and other system resources other than what it needs to get its job done.

Sandboxing in the Mac App Store means that users can be reasonably assured that the apps they're downloading won't compromise the security of their computer or damage the system in any way; it also makes sure that apps won't interfere with each other.

Sandboxing enforces the idea that good fences make good neighbors — that applications work better if they don't interfere with each other or the operating system itself. That's all great in theory, but in practical terms it's not always the best solution, at least not on the Mac.

Take an app I use every day - TextExpander from Smile Software. TextExpander is a handy utility that enables me to type shortcuts (or as they call them, "snippets") that then get expanded into longer text. For example, when I type:


TextExpander knows and automatically expands it to:


So with TextExpander, I can save myself a lot of keystrokes in the course of a day. But in order for it to work, TextExpander needs to keep an eye on what I'm typing. So-called keylogging apps violate Apple's sandboxing guidelines because they require systemwide access, so Smile had to go outside the Mac App Store in order to sell it.

Customers who want the app can download it from their web site, and Smile no longer has to fork over 30 percent of their gross sales to Apple. But it does reduce the potential market for the product, because many more Mac users — especially those new to the platform — are more likely to buy something from the Mac App Store than elsewhere.

TextExpander is hardly the only app I use which has been affected this way. Another app that I rely on, Bare Bones Software's text editor, BBEdit, is available for sale in the Mac App Store. But that version doesn't support authenticated saves, because by their nature, authenticated saves allow you to change files you don't own). What's more, command line tools aren't included. In both cases, you can work around these limitations by going to the Bare Bones web site and downloading additional scripts and packages, but it's an inelegant hoop to have to jump through simply to obtain full capability.

There are lots of examples of apps that simply can't be sold in the Mac App Store altogether because of Apple's sandboxing requirements. Many apps that use plug-ins, apps that rejigger aspects of the operating system (some audio recording apps and screencasting tools) and others won't pass muster with Apple, and have no choice but to live outside the Mac App Store environment.

Like I said at the outset, sandboxing makes good sense for Apple from a security standpoint. That's one reason why Apple's Gatekeeper software, built into OS X, is restrictive — by default, it's set to only allow apps to be installed that originate from Apple or from "identified developers."

You can Control-click those installers to open them individually, or you can reset the Mac's security settings to allow apps to be downloaded from anywhere instead. But it's another barrier against the installation of software that might give a casual user pause when they try to download an interesting app from a perfectly legitimate developer.

It's hard to argue with the success of the Mac App Store. Since it launched in 2011 it's created a vibrant marketplace for Mac software developers to sell their goods. Its use of Apple ID credentials means that millions of customers can use it right away, even if they've never purchased Mac app software before.

But access to the Mac App Store, at least for the developer, comes at a price: working within Apple's restrictive requirements. And for some eminently useful software tools, that's simply not possible. Those developers will have to remain on the outside looking in, at least for now.

Is Mac app sandboxing a big deal for you? Have you had to go outside the Mac App Store to get the tools you need to do your work? Sound off in the comments, I want to know.

Peter Cohen