Comment Re:As an Apple hater, I disagree. (Score 3, Insightful) 343
Should I have to bundle together an editor, source control, and an interpreter in order for those programs to use the same files inside the sandbox? Should I do this for every language I want to develop in using that editor?
... Would Apple close that hole, or reject me from the app store for that reason?
No, no, and no. Sandboxed applications have free access, forever, to files and folders you explicitly select, where "forever" can even include subsequent versions of the same app. Many vendors are running away from sandboxing "to improve user experience" in ways that directly conflict with the whole notion of sandboxing: accessing the user's SSH private keys without confirmation, using Apple Events and/or the Accessibility API to control arbitrary third-party applications, and so on. Apple's goal seems to be to maximize the number of applications that can be reasonably sandboxed without undermining the whole idea of sandboxing, using the App Store and iCloud as "carrots", because they're trying to address a problem Microsoft never did: most developers don't give a damn about the mitigation of security vulnerabilities in their applications. It's a hard problem, and discussions like Marco's will ultimately contribute to a better solution, but "give up sandbox requirements" isn't an endgame I'd like to see.