• Blog
  • Categories
    • App Store
    • Benchmarks
    • iOS
    • Objective-C
    • OS X
    • PHP
    • RV
    • Swift
    • tvOS
    • Web
  • Apps
    • Portfolio
    • Studio Pro
    • Sun & Moon
  • Photography

Projects

Remote Working, iOS, Mac OS X, and more

App Store

App Sandboxing Incompatibilities: Authorization Services

I’m currently working on a consulting job for a Mac OS X app. Since this app is distributed on the Mac App Store, it needs to adhere to the App Sandboxing requirement.

One of the enhancements on the to-do list is a feature where system administrators can lock down the editing portions of the app, leaving normal users with only the ability to execute existing presets. OS X provides a long-established way to do this in SFAuthorizationView, an interface component that has existed since OS X 10.3, and which you can see used in many system preference panes. Unfortunately, the limited coverage of App Sandboxing entitlements gets in the way of using it in this app:

Screenshot from documentation

It’s at least somewhat understandable based on Apple’s policies to prevent obtaining a system-level authorization with this API, but it’s ridiculous that it’s also preventing using an app-level authorization. It prevents an entire usage pattern for no apparent gain.

Radar #23718180

Previous
Next

Copyright 2023 Ryan Britton