zlacker

Hmmm. I'd have to check. The use case given for that API (good spot) is for IDEs, where files are often in different sub-directories, so granting folder access wouldn't be enough. But you might be right, it's been a while since I looked at the details of this stuff. I do remember the bookmarks mechanism. It's all quite well thought out relative to other platforms (as per usual for Apple), but for as long as Apple treat it as an exploit mitigation mechanism rather than as a way to rapidly run untrusted code it's not going to get much traction outside the App Store where they force it.

My guess is that their security folks aren't convinced by the robustness of the sandbox and don't want the pain of trying to defend it, which is a pity (for them), because it just throttles their own platform and pushes people towards the web. The browser guys apparently can define a sandboxable platform: why can't Apple?

Re: custom file browsers. Yes, that's a good point. I think you can request access to whole parts of the file tree though even when sandboxed. You have to mark them as exceptions via entitlements and it's automatically granted. Because Apple see the sandbox as a way to mitigate exploits and not allow execution of untrusted code, that sort of approach works fine.