top | item 46715982 (no title) CaRDiaK | 1 month ago Apple did actually introduce its own container framework in Tahoe, but it’s still early days. https://github.com/apple/container discuss order hn newest solarkraft|1 month ago These are Linux containers in a VM, I’m pretty sure GP is talking about native macOS containers.Which: They do actually have some container-like sandboxing tech around applications (“iTerm wants to access your downloads folder”). retsl|1 month ago Yes, afaik macOS apps could theoretically be sandboxed as well (or close to) as iOS apps are. You can find the policies for many first-party apps and deamons in /System/Library/Sandbox/Profiles. But in practice most third-party apps aren't.https://bdash.net.nz/posts/tcc-and-the-platform-sandbox-poli... and https://bdash.net.nz/posts/sandboxing-on-macos/ are good introductory articles.
solarkraft|1 month ago These are Linux containers in a VM, I’m pretty sure GP is talking about native macOS containers.Which: They do actually have some container-like sandboxing tech around applications (“iTerm wants to access your downloads folder”). retsl|1 month ago Yes, afaik macOS apps could theoretically be sandboxed as well (or close to) as iOS apps are. You can find the policies for many first-party apps and deamons in /System/Library/Sandbox/Profiles. But in practice most third-party apps aren't.https://bdash.net.nz/posts/tcc-and-the-platform-sandbox-poli... and https://bdash.net.nz/posts/sandboxing-on-macos/ are good introductory articles.
retsl|1 month ago Yes, afaik macOS apps could theoretically be sandboxed as well (or close to) as iOS apps are. You can find the policies for many first-party apps and deamons in /System/Library/Sandbox/Profiles. But in practice most third-party apps aren't.https://bdash.net.nz/posts/tcc-and-the-platform-sandbox-poli... and https://bdash.net.nz/posts/sandboxing-on-macos/ are good introductory articles.
solarkraft|1 month ago
Which: They do actually have some container-like sandboxing tech around applications (“iTerm wants to access your downloads folder”).
retsl|1 month ago
https://bdash.net.nz/posts/tcc-and-the-platform-sandbox-poli... and https://bdash.net.nz/posts/sandboxing-on-macos/ are good introductory articles.