OS X: Sandboxing = more crashes

Posted by Pierre Igot in: Macintosh
June 19th, 2013 • 9:09 am

This is something that pisses me right off.

Apparently, according to Apple, sandboxing is good for us. After all, it “provides a last line of defense against the theft, corruption, or deletion of user data if an attacker successfully exploits security holes in your app or the frameworks it is linked against”. Yay.

As far as I can remember, with no particular effort on my part to protect myself against thieves, hackers, and so on, I have never been the victim of a single act of theft, corruption, or deletion of my user data on my OS X by an attacker. (What has happened to me on-line is another matter.)

Since the introduction of this “sandboxing” thing, on the other hand, I have most definitely been the victim of this kind of thing:

[Image: mail-sandboxcrash]

I am no expert, but I have little doubt that the above is a report on a crash that was caused by a bug in Apple’s “sandboxing” system (full crash log here). And it’s not the first one I have experienced. What did I do to deserve it? Nothing. I was simply composing an e-mail and tried to attach a file to it using the standard Open File dialog box.

So let me get this straight: In the name of improving my security, which has never been under threat as far as I can tell, Apple has introduced a new “feature” whose net effect is, quite simply, that I experience more crashes than I used to, through no fault of my own.

Great.

Now, let’s go back to the statement quoted above: sandboxing “provides a last line of defense against the theft, corruption, or deletion of user data if an attacker successfully exploits security holes in your app or the frameworks it is linked against”.

Is it just me, or is this “last line of defense” not another way of telling developers: “Don’t worry if you introduce security holes in your app. We’ve got the user covered.” In other words, won’t this approach have the undesirable effect of making developers sloppier in their work?

And if the sandboxing system causes crashes so easily, how reliable can it really be anyway?

We had the nanny state. Now we have the nanny OS.

