> no application outside the App Store (where sandboxing is mandatory) sandboxes itself.
Usually applications distributed outside the app store would simply not work (or be limited to close to useless) if sandboxed.
My pet example these days, DaisyDisk, cannot show what takes 10-30% of my space in the app store version. And can't delete protected files in Applications etc.
Which would be nice if it were a malicious free to play game, but it's an application that graphically reports what's taking space on your computer and optionally deletes stuff that you've chosen. So it simply can't work well inside the sandbox.
Usually applications distributed outside the app store would simply not work (or be limited to close to useless) if sandboxed.
I disagree. Sure, there are some applications that need to be distributed outside the App Store because they need additional privileges (like DaisyDisk), but there are many applications that are distributed outside the app store that could be sandboxed. Just to give some examples, why do Discord, Signal, Obsidian, Dash, or 1Password have unsandboxed processes? (1Password was in the App Store and sandboxed before it became an Electron app.)
Well we can't blame Electron for this, as much as I'd like to, since there are Electron apps in the app store.
Discord asks for the accessibility option to read system wide keystrokes for push to talk. Can sandboxed apps do that?
Also, no matter how secure the app store is, i'd very much like to be able to install applications without -ing Apple's permission. So having something available in the app store doesn't give me a warm fuzzy feeling.
Usually applications distributed outside the app store would simply not work (or be limited to close to useless) if sandboxed.
My pet example these days, DaisyDisk, cannot show what takes 10-30% of my space in the app store version. And can't delete protected files in Applications etc.
Which would be nice if it were a malicious free to play game, but it's an application that graphically reports what's taking space on your computer and optionally deletes stuff that you've chosen. So it simply can't work well inside the sandbox.