The Sandbox is Only the First Step

Starting on March 1st, 2012 all applications submitted to the Mac App Store must be sandboxed. Third-party developers must make a list of all the things they'd like their applications to do, and Apple must approve the items on each list. Each list item is called an entitlement, and Apple has an approved list of entitlements for tasks such as sending a document to the printer, accessing the internet, or saving a file to a specific location. The approved list of entitlements is limited, and not all applications fit into the list of tasks Apple would like to see applications perform on the Mac.

An application that requests a task that is not available in Apple’s list of entitlements will be rejected from the App Store. Applications that make it through the Mac App Store approval process will be digitally signed by Apple with the entitlements they are allowed to perform. An application that is modified to run a specific task outside its approved list of entitlements will not match the digital signature provided by Apple, and will be prohibited from running under Mac OS X.
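The two mechanisms described above, an entitlements list that is checked against an approved set and a signature that binds the executable and its entitlements together so that altering either breaks verification, as an added example written for this page rather than Apple's own tooling. The plist is constructed, the approved set is a hypothetical stand-in for Apple's list, and the HMAC seal is a simplified model of a code signature (real signatures use an asymmetric key held only by the signer).

```python
import hashlib
import hmac
import plistlib

# Constructed sample entitlements plist (not taken from any real app).
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key><true/>
    <key>com.apple.security.network.client</key><true/>
    <key>com.apple.security.print</key><true/>
    <key>com.apple.security.files.user-selected.read-write</key><true/>
</dict>
</plist>
"""

# Hypothetical approved set; Apple's real list is longer and not reproduced here.
APPROVED = {
    "com.apple.security.app-sandbox",
    "com.apple.security.network.client",
    "com.apple.security.print",
    "com.apple.security.files.user-selected.read-write",
}

# Constructed signing key standing in for the signer's private key.
SIGNER_KEY = b"constructed-signer-key-not-real"


def review_entitlements(plist_bytes):
    """Return (sandboxed, requested, unapproved) for an entitlements plist."""
    ents = plistlib.loads(plist_bytes)
    requested = sorted(k for k, v in ents.items() if v is True)
    sandboxed = ents.get("com.apple.security.app-sandbox") is True
    unapproved = sorted(set(requested) - APPROVED)
    return sandboxed, requested, unapproved


def seal(binary, plist_bytes):
    """Seal the executable bytes and the entitlements together under the signer's
    key, so a change to either one produces a different seal."""
    msg = hashlib.sha256(binary).digest() + hashlib.sha256(plist_bytes).digest()
    return hmac.new(SIGNER_KEY, msg, hashlib.sha256).hexdigest()


def seal_matches(binary, plist_bytes, expected_seal):
    """Verify a seal; False means the binary or its entitlements were altered."""
    return hmac.compare_digest(seal(binary, plist_bytes), expected_seal)
```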

Developers are concerned Apple's limited list of entitlements will make their applications incompatible with the App Store, and thus incompatible with the primary way applications are sold on the Mac. Some theorize that in the future the App Store will be the only way to install software on the Mac, and there will be no recourse for apps that need to perform tasks outside of Apple's approved list of entitlements.

Wil Shipley, a prominent Macintosh developer, theorizes that Apple's sandboxing initiative is motivated by concerns over security and privacy. He argues digital certificates that are issued by Apple and signed by developers are a more appropriate way of enforcing these concerns because Apple would no longer have to maintain a list of entitlements, and third-party developers would no longer have to sandbox their applications. With digital certificates an application's source can be verified, and misbehaving applications could be instantly deactivated by Apple as soon as a problem app is identified. Digital certificates might not keep every computer from becoming infected, but they would prevent a single application from becoming a widespread security risk. I am not a developer or a security expert and I can't say if sandboxing or developer-signed certificates are the best way to secure the Mac. What I can say is that security is not the primary motivation behind Apple's interest in sandboxing future Mac apps.

Apple wants to abolish the filesystem. Steve Jobs made this clear during the 2011 WWDC Keynote when he introduced iCloud document syncing.

Documents in cloud really complete the iOS document storage story, too. Apple's been working for 10 years to get rid of the file system. So users wouldn't have to worry about it. Teaching someone how to use the Mac has been held up by this file system - hunting for files. On iOS, you don't have to think about it. It solves how you move documents between devices. Apps can store documents in the iCloud and get them pushed to all devices, update on all when changed on any. Developers will have APIs to tie into this. It can sync key/value data, complex docs, or more. Works with Macs + PCs too.

The Macintosh is incompatible with Apple's vision of an iCloud-centric future. Built upon the desktop metaphor, the Mac relies on a user's understanding of files, folders, and hierarchy to move data around. iOS has never had a user-visible filesystem, and has always had application sandboxing. iOS users know how to access and share their data from the application they used to create it. In order to simplify the Macintosh user experience, and for documents on the Mac to sync seamlessly with iCloud, the filesystem must be eliminated.

Sandboxing applications and controlling their behavior with entitlements is the first step to eliminating the filesystem. Once access to the filesystem is controlled, it can be replaced with the same application-centric storage model used on iOS. Apple's own applications like iTunes and iPhoto have been leading the way towards application-centric data storage on the Mac. Users know if they want to access their music they go to iTunes, and if they want to access their photos they go to iPhoto. Even iMovie and Final Cut Pro X contain browsers for viewing the preferred location for video files on the Mac. Soon all applications will work this way.

Developers are concerned Apple's limited list of entitlements will make their applications incompatible with the future of the Mac. They have a reason to be concerned. It may not happen in Mac OS 10.8 or even 10.9, but someday soon the filesystem will be gone. Sandboxing is only the first step. The operating system on today's Macs can already be restored from the net. The applications we use every day can already be downloaded from the web. And very soon the data we use across all of our computers will be backed up in the cloud. Disk utilities, anti-virus software, and filesystem browsers will all be irrelevant. Computers will be more reliable, easier to use, and everything will be downloadable from the internet. Applications, and not the filesystem, are the future of computing. You may not agree with this vision of the future, but mark my words it is coming. The sandbox is only the first step.