Panic

Panic Blog

From the desk of Cabel
Portland, Oregon 97205

Coda and Sandboxing

Before we can add new features to Coda 2 in the Mac App Store, we must first “Sandbox” it — adhere to a set of Apple guidelines aimed at increasing the security of Mac OS X.

What does this mean, really?

Well, for safety, sandboxing limits an app’s access to your local files until you give the app explicit permission to interact with those files. And once you’ve done this, your permission is remembered in the future. In other words, Coda won’t be able to see most of your local folders until you specifically select them in a traditional “Choose” dialog. The good news? Coda has Sites, and Sites have a Local Path, and once you “Choose” the Local Path when setting up your site, you’ll be able to view that folder and interact with it in the future. The bad news? You’ve got to reset all of your Local Paths, and if you don’t use Sites in Coda (which would be a bit weird) there will be brief bumps.

These changes should only affect the Mac App Store version. And we think most users won’t even notice that anything has changed.

Here’s the full list of what will change, slated for a future Coda release:

1 Local Root

Your site’s “Local Root” will have to be reset. You’ll be prompted to do this the first time you try to connect.

You only have to do this once for each of your sites!

2 Go To Folder

It will no longer be possible to “Go To” any local path by typing it in. “Go To Folder” on a Local path will now bring down a traditional “Choose” panel.

3 Path History

In the Sidebar and the Files browser, the “Path” pop-up can no longer show anything above your defined Local Root. To go above your Local Root, you’ll have to use Choose.

If you’re not working in a Site, you will land in a generic sandboxed home directory, and must Choose another folder to continue.

You only need to “Choose” a folder once!

4 Path Bar Browsers

If you click on a folder outside of your Local Root, you have to manually choose the folder via Choose panel.

You only need to “Choose” a folder once!

5 Saving Files

It’s no longer possible to Save files you don’t have write access to, and Coda is no longer able to offer an authorization dialog to permit this behavior.

This includes any files you don’t own and don’t have proper permissions to write, such as files owned by a “web” process.

This is also an App Store restriction.

6 Get Info

It’s no longer possible to change permissions of files that require Administrator/Root access from Coda’s Get Info window.

You’ll have to switch to the Finder and adjust permissions there before editing these items.

This is also an App Store restriction.

7 Places

Any Local places will be cleared during the upgrade, and will need to be recreated, once.

Note: Places are defined per computer, so they will need to be reset on each computer Coda is used on.

8 SVN and GIT

Tool paths may need to be reset depending on their location on your computer.

9 Local Shell

Coda will no longer be able to open a direct local shell/terminal. (You could always turn on Remote Login in Sharing preferences, and connect through that.)

That’s it. What do you think?

For the truly curious we’ve put together a special Coda 2 build with these changes.

Experimental

If you wish to try Coda Sandboxing Test, it’s critical you understand this build is experimental and beta-quality. You must back up your system first.

Also, you must be currently using Coda 2.0.6 or higher. And if you’re using the Mac App Store + iCloud version of Coda 2, you must first turn off iCloud Sync in your current Coda, before launching this build.

Got that? Download the build here. (50 MB .zip)

We don’t have a timeline on this release, but we’re curious to know your general thoughts on Coda 2 and Sandboxing. Once again, we do not think these changes will affect most people, but we’d love it if you could please take this survey:

[polldaddy survey=”CE7F658FF4C50ABA” type=”button” title=”Take Our Survey!” style=”inline” text_color=”000000″]

Thanks for reading, and thanks for using Coda 2. We’re excited to finish sandboxing and start work on more new, awesome things!

Posted at 1:11 pm 8 Comments

Garrett Murray

12/12/2012 4:39 PM

Well, I don’t know about you folks, but I definitely think this proves sandboxing App Store apps is great for users and Apple is totally headed in the right direction with all of this *😒 UNAMUSED FACE*

This looks like the best way to implement a transition from traditional filesystem access to sandboxing – very clear and defined.

What might be the problems encountered if you were developing a new app from scratch with Sandboxing? Would there be easier ways to design it were sandboxing not being implemented on an existing app?

Anticipating THIS nonsense is exactly why I bought directly from Panic.

Sam —
The trouble with the sandboxing APIs is that Apple designed them for “document-based” applications. They envisioned an application like Pages, where the user opens a document, edits it, and then closes it. The API is very poorly designed for apps that want to do complex things with many different files, like Coda, a GIT client or many “utility” applications such as disk tools or backup apps.

Apple needs to modify the sandboxing APIs to better support apps that are not strictly document-based.

Wooster —

A very wise decision.

I hope that this won’t affect my ability to open a file from Transmit and edit it in Coda2, then automatically push my saved changes back to the server… If I can’t do that anymore, I will be sad… :o( (and I may need to buy the website version for work rather than the app-store version the office supplies). Either way, keep making great software guys!!! :oD

Hope there’s a way to convert to being a direct customer instead of a MAS one… be good to talk about that here.

Bob: You can already migrate from MAS to Direct! Just keep your MAS build on disk somewhere, launch the direct build, and choose Purchase > Unlock Coda. I’ll add this to our FAQ.

If you have thoughts about Coda and sandboxing, please take our Survey, above!