Support versioned sandbox compliance
| Originator: | jalkut | ||
| Number: | rdar://10908788 | Date Originated: | 22-Feb-2012 12:07 AM |
| Status: | Open | Resolved: | |
| Product: | Mac OS X | Product Version: | 10.7.3 |
| Classification: | Serious Bug | Reproducible: | Always |
As the sandbox is in flux and constantly (quickly!) evolving, it's producing a conundrum for app developers who support 10.7 but also support 10.6.x. For these developers, it's difficult to handle the scenario where a user installs and launches the app on 10.7, 10.7.1 or 10.7.2. On these systems, the app is technically "capable" of running, but will fail to behave as expected because of reliance on sandbox technologies that are not available until a later OS release. My proposal is to provide some kind of versioning mechanism for sandbox compliance, starting with a new key that sandboxed apps can adopt to ensure that sandbox will not be imposed on them unless they are running a particular OS release or later. This will allow an app to say "I'm sandboxed from 10.7.3. on", for example. Ideally this versioned sandbox compliance would encourage more apps to go "sandboxed" than otherwise would, and the App Store review teams could consider the version dependency when evaluating an app. Perhaps the version compliance could be considered along the same lines as a temporary exception: you have to cite a radar explaining why you were not able to embrace the sandbox of an earlier version. As time goes on down the line, it will matter little to Apple whether a particular app embraced the 10.7, 10.7.3, or 10.8 sandbox environment, as long as they ultimately did embrace it. Providing this kind of versioning option will be a way to smooth the user experience for many apps who are only able to adopt sandboxing at a particular version where it becomes palatable to the app, and where a single non-versioned sandboxed key will produce terrible behavior on earlier implementations of sandbox.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
It's probably already possible to do it.
The non documented version of the distribution format used for Mac App Store application lets you specify a list of minimum OS versions.
You can specify something like:
10.6.7 10.7.3
This will let the application be installable on Mac OS X 10.6.7 & 10.6.8 and on 10.7.3 and later.
man productbuild
Of course, you would then need to sign your package with productsign and find a way to submit it for reviewing.
Now, the real question is: does the Mac App Store already support this feature?
According to WWDC 2012 Lab Mac App Store supports this feature
I was just told that the procedure described by dev.iceberg is also currently recommended by Apple staff at the WWDC labs. So App Store should support it and the review team should support OS X "version holes".
What it does not give us though is running unsandboxed on 10.7.0 to 10.7.2.