Specifically, I’ll be discussing a technology called “security-scoped bookmarks.” Please check my column here on AppCoda for Part IV. In my second tutorial, I examined the app sandbox and then built an app that, whether sandboxed or not sandboxed, could read and write outside of its container - and could be sold and distributed either outside the MAS or through the MAS, both with Apple’s blessings.įinally, in Part IV, I’ll guide you step-by-step through the process of “remembering” a user’s intent regarding access to system resources that Apple considers vulnerable to attack by malicious software. In the first tutorial in this series, I built a non-sandboxed app, discussed certificates, signed the app, notarized it, briefly talked about building an installer, signed and notarized the installer, and lastly touched on distribution of the app installer. This is the third part in a four-part series of tutorials comparing the differences between distributing macOS apps inside and outside of the MAS, comparing sandboxed and non-sandboxed apps, and considering app security.
