Page 2 of 2 FirstFirst 12
Results 16 to 19 of 19
  1. #16

    vansmith's Avatar
    Member Since
    Oct 19, 2008
    Location
    Toronto
    Posts
    19,782
    Specs:
    2012 13" MBP (2.5 i5, 8GB)
    Quote Originally Posted by Thor-HoG View Post
    For instance, FireFox is not sandboxed. If you asked me, that's crap as any browser should be required to run in a sandbox, but oh well.. Safari doesn't either :/
    Why? I think you might be overestimating the capabilities of sandboxing. It's not bullet proof (in fact it can be easily circumvented as it was in 2011 and 2012) and by no means offers protection against catastrophic failure. A more effective solution, and one that all browsers have now done, is process and plugin isolation.

    Quote Originally Posted by chas_m View Post
    Developers don't really have much choice in the matter.
    They certainly do and Apple can be thanked for this. Since Apple limits the types of applications that can be put on the MAS and makes you pay to get a signed certificate, there will always be a glut of applications that require the "anywhere" permission. Although I don't represent the majority of independent developers, the software I make won't be going on the MAS nor will I pay Apple the $99 to gain the privilege of attaining a certificate.

    This is nothing against Apple (until they remove the "anywhere" option) but rather to suggest that there will always be a group of people, and I'd say of a significant size, that need to install and run unsigned non-MAS software.
    Important Links: Community Guidelines : Use the reputation system if you've been helped.
    M-F Blog :: Write for the blog
    Writing a Quality Post

  2. #17


    Member Since
    Mar 12, 2013
    Posts
    6
    Arrow Was: password requirement Now: Sandboxing
    Quote Originally Posted by chas_m View Post
    But sandboxing shouldn't be mistaken from the kind of protection setting it to "only allow installs of apps from the Mac App Store or signed Apple developers" does.
    I don't understand. The only reason selecting "App Store and Apple" has any value at all is because App Store apps must have an Apple code-singing certificate. The only reason the code-signing cert distinction has value is because App Store devs must implement sandboxing in their apps. Interestingly enough, Apple's apps don't have to be sandboxed at all.

    That's the only reason the "App Store and Apple" setting, as opposed to "Anywhere" has any value.

    So my question is, what other security benefit do you think one gets by not selecting "Anywhere"?

    t

  3. #18


    Member Since
    Mar 12, 2013
    Posts
    6
    Quote Originally Posted by vansmith View Post
    Why? I think you might be overestimating the capabilities of sandboxing. It's not bullet proof (in fact it can be easily circumvented as it was in 2011 and 2012) and by no means offers protection against catastrophic failure. A more effective solution, and one that all browsers have now done, is process and plugin isolation.
    I never suggested it was "bulletproof." Nothing is, and I never expect it to be. Regarding Firefox (and others) plug-in sandboxing, that's all and good. Security in depth is the best way to do. However, I disagree that is it "more effective" than sandboxing. An hierarchical "sandboxing" as FF does with plug-ins works well when the plug-in is behaving well, and when the OS has been written to properly handle *any* possible breach. Sandboxing on the other hand, requires that the sandboxed app itself explicitly identifies only the required access to the sandbox engine in code. This gives you *two* layers of protection. An attack against the app will have to bypass the apps explicit code, and then it will have to bypass the wrapping sandbox.

    Further, there are any number of attack vectors via browser exploits. I say again, ALL browsers should be written to sandbox requirements if they want to be responsible for security. Plug-in isolation would only apply to a plug-in, not to the million other vectors out there.

    t

  4. #19


    Member Since
    Jan 22, 2010
    Location
    Victoria, BC
    Posts
    20,911
    Specs:
    Mid-2012 MBP (16GB, 1TB HD), Monoprice 24-inch second monitor, iPhone 5s 32GB, iPad Air 2 64GB
    Quote Originally Posted by vansmith View Post
    They certainly do and Apple can be thanked for this. Since Apple limits the types of applications that can be put on the MAS and makes you pay to get a signed certificate, there will always be a glut of applications that require the "anywhere" permission.
    True, but I think you're overestimating the number of people who will ever change the default settings on the security of ML going forward. Even I don't -- I will turn it off *temporarily* to download a specific thing I know I need, but then put it back on again. I like to think I'm not very gullible but I can envision some social engineering of the right sort tricking me someday.

    Although I don't represent the majority of independent developers, the software I make won't be going on the MAS nor will I pay Apple the $99 to gain the privilege of attaining a certificate.
    My dev years are long behind me (until I get a killer idea I guess) but I always felt that the cost of being a registered Apple Developer was modest compared to the money you were likely to make off their infrastructure (not to mention deductible). If you're not making money on said software you have a point but if you are I think "giving back" a bit is a good idea.

    Let me be clear about this: I'm referring to the membership in the Dev program, NOT having to sell from the MAS store, your point about that is well-taken.

    This is nothing against Apple (until they remove the "anywhere" option) but rather to suggest that there will always be a group of people, and I'd say of a significant size, that need to install and run unsigned non-MAS software.
    Not of significant size IMO (at least compared to the number of people who do not need to ever run unsigned software), but yes there will always be some.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. remove password requirement for 8.0
    By Pat1000oaks in forum iOS and Apps
    Replies: 5
    Last Post: 09-24-2014, 05:32 PM
  2. How to disable requirement to enter password
    By MYmacROX in forum OS X - Operating System
    Replies: 11
    Last Post: 07-28-2013, 01:46 AM
  3. I need to end password requirement to print
    By lesnorvell in forum Switcher Hangout
    Replies: 5
    Last Post: 02-04-2011, 10:23 PM
  4. Password requirement for every frikkin thing!
    By dimushi in forum OS X - Operating System
    Replies: 7
    Last Post: 11-03-2010, 06:43 PM
  5. Can I disable login/password requirement in 10.5?
    By johnwd5 in forum Apple Notebooks
    Replies: 3
    Last Post: 03-29-2010, 04:40 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •