The Omni Group
These forums are now read-only. Please visit our new forums to participate in discussion. A new account will be required to post in the new forums. For more info on the switch, see this post. Thank you!

Go Back   The Omni Group Forums > OmniFocus > OmniFocus Extras
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Will sandboxing shut down inter-app applescript ? Thread Tools Search this Thread Display Modes
Andy Inhatko for one is feeling uneasy about the implications for Applescript of the AppStore's imminent sandboxing requirements.

I mainly use OF as a kind of operational front end to my Devonthink databases, and would be a bit discouraged if instant (scripted) exchange of messages/data between applications was to dry up ...

Is there an Omni view of what sandboxing (and other elements of iOssification) mean for the future of Omni scripting?


Last edited by RobTrew; 2011-10-06 at 07:08 AM..
Well, a circumspect silence on the Omni side of this, but a frank, helpful and slightly worrying response from Christian Grunenberg of DEVONtechnologies.

I think that the golden age of Mac and OS X may be coming to an end. Mickey Mouse approaches :-)

In the end, Microsoft bit off more than they could really chew. A risk for Apple now, as well.

Where next ? Ubuntu ?


Last edited by RobTrew; 2011-10-14 at 09:41 AM..
Thank you for the post and references. It sparked a lot of interest and further reading.

As a low-level user of and otherwise strong proponent for robust Applescript in my core applications, I remain curious about where this will go.

Having read a bit further, I think the questions I have can be framed specifically as ...

1) Are you bemoaning that OmniFocus will loose open permission to push information out and demand it to be stored in to a DevonThink database via an Applescript conduit?

As a user who demands integrity in application security, I would certainly want to put an end to this type of behavior for any app as a bad practice all around. OTOH ...

2) Are you bemoaning that OmniFocus will no longer be able to serve up information internal to its own database after a request from DevonThink that has been offered via Applescript as a conduit?

I would certainly hope this can still be possible because (if I understand correctly) the sandbox control would actually be on how the request is initiated, not on the request itself. IOW, when YOU have DevonThink as the frontmost app, you should have sandbox permission to initiate such an Applescript request directly from DevonThink to "pull" information from OmniFocus, however when DevonThink is a background app, "Applescript" as the "user" should be denied permission categorically to initiate that same request.

Basically, my thought is, while you should still be able to use DevonThink to pull information from OmniFocus, you should never be able to use OmniFocus to push information in to DevonThink. In addition, no one but the "real you" should ever be able to command DevonThink to pull information in to itself from somewhere else.

I hope this is clear in my as-yet-still-muddled understanding of the implications of a sandbox.

I might comment more, but could you elaborate further in case I am misunderstanding?

I suppose the dilemma of universal machines is that they can be used for consumption as well as production.

Treating apps as fields in which consumers can happily graze, and sticking up electric fences all around, is probably a good enough way of separating the sheep from the wolves.

I wonder, however, if the application is really the relevant level of scale when machines are used for production ? A work-flow of any real complexity will need a tool-chain - hence the venerable unix pipeline.

Electric fences ? Well, it's one way to manage sheep (or prison populations) but on your own farm, you need to able to switch them off.
( if you find you can't, then it's probably not your farm anymore )
I think apple is eager to keep the name of the "secure" and "easy" platform that it has been building over the years. The things they invent are pretty nice and for a majority I think they are sufficient. Moe even, I think people enjoy that things are simple and easy, presenting them a beautiful UI (well, until now...lion calendar, anyone?) and limited ways to [screw things] up. However, for those who see their machinery as tools for "power"usage or, maybe better, for those who are willing and knowing enough to use the tools in ways going beyond the most obvious features, apples products have serious shortcomings.

Simple yet really annoying example: iPhone and it's notifications. I was really looking forward to notification center and especially lock screen notifications. It's good in parts. It's relatively easy. If I only use a private, work and kids calendar than it helps me keeping oversight. If, however, I have 10 calendars for various needs including stuff I need to have in my calendar for seldom use but do really not need to be reminded of on a daily basis them apples notifications have serious shortcomings. Why can I not select which calendars are represented in notification center? The way it is now I have the list either cluttered with junk (week numbers, sports events on TV etc) or missing relevant information. A great feature crippled by making it too "easy".

Then, iPhone lacks profiles. That's another non-success story. It is beyond me why they do not give me the ability to define whether or not emails should trigger a vibration alert in silenced mode? Why can I not say "put all sound and vibration notifications off from 11pm to 5am,then on again"? Nokia, HTC and others had that 10 or more years ago I think. It can't be hard to implement. My theory is that it would not match apple's image as being "user friendly".

Send boxing goes into the same direction. The vast majority of people will not care about sand boxing limiting scripting abilities. On the contrary, they will be happy about the decreased risk of anybody stealing their data or something to that extend. Most people do not script. However, and as you excellently put it, if there are "electric fences" then there should be a big switch screaming "touch at own risk" in red and yellow. And if you decide to press it, you are on your own regarding the increased risks. They way it is now it as, actually, not only not my farm anymore. I got the feeling the sheep are taking over the farm and decide themselves what best protects them from the wolves because they do not trust me with this anymore. And that is some arrogance that does not go well with the image I had of apple in the past (not the most recent) years.

Last edited by Brian; 2011-10-17 at 06:50 PM.. Reason: minor edit to remove profanity.
Originally Posted by Christian View Post
Most people do not script
Probably very true of those whose computers have essentially become shopping malls and platforms for content consumption.

I would guess, however, that a fairly high proportion of those who use their machines for content creation do make use of scripts, even if they don't tend to write them.

( If I worked in Redmond I might see this as an opportunity - Word and Excel always ran faster, and with better keyboard assignments, on the other platform. Perhaps those guys could encourage a stream of OS X refugees who have found their offices forcibly converted into shopping mall gallerias. )
True. I think that if apps will actually consequently sabotage scripts then nobody will write any anymore and a lot of good ideas will get lost.

It would be nice to hear about this topic from OF. Any knowledge about the future of interactive scripting?
It's hard to provide an answer to that question, Christian - not everyone at Omni went to WWDC this year, and those that did go are under a non-disclosure agreement. I'm not one of the folks that went to WWDC; I have no idea what Apple may be planning. If I was in their shoes, though, I'm honestly not sure what I would do.

If I can make computers easier to use and less scary for millions of people out there, is it worth taking away a feature used by a very small fraction of those people to author tools used by a larger (but not large in an absolute sense) fraction?

On the one hand, I want Rob to be able to write the awesome scripts that he writes; on the other hand, I want Apple to achieve tons of success and popularity without enabling the kind of spam-generating-botnet nightmares that occur on other platforms.

I also know that no matter how much of a warning label you put on a security risk, some folks will do the risky thing without knowing what it really means.

From my observations, when faced with a conflict between what's good for power users and what's easy for most folks to use and understand, Apple chooses in favor of the latter. Sometimes I like what that means (popular software platforms where average people aren't terrified that new software will destroy their device) and sometimes I don't (when tools I like a lot stop working together - OmniWeb and 1Password under Lion, for example).

Personally, I hope that Apple finds a way to let smart users get what they need from their tools without letting bad things happen to regular folks. I have no idea if that solution will be based on AppleScript or not - that comes a distant third behind "let everyone have access to computing" and "let smart people do really awesome things".

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Linkback and sandboxing Joe Alexander Omni Lounge 1 2012-09-26 10:17 PM
Differences in OF due to MAS sandboxing jason.verly OmniFocus 1 for Mac 1 2012-06-07 04:38 PM
Does sync continue after auto shut-off? Lightstorm OmniFocus for iPhone 5 2009-01-15 05:43 AM
Managing inter-project dependencies zedboy OmniFocus 1 for Mac 4 2007-09-03 07:16 PM

All times are GMT -8. The time now is 07:10 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2024, vBulletin Solutions, Inc.