It seems like running with sandbox-exec should remove pretty much all the potential for an app to cause harm… is there a reason why it’s not the default, especially for these certificate-less apps?
I believe that at least App Store apps are already run in some sort of sandbox.