Application sandboxing is a common practice in mobile and desktop operating systems, employed to prevent unauthorized resource access and protect users from malicious apps. In the context of macOS, the second most widespread desktop operating system, little has been studied on the topic of application security outside of malware research. Blochberger et al. performed an exploratory study of two application marketplaces for macOS in 2019, comparing sandboxing adoption in apps from the official app marketplace and a third-party one.
While their study provides very useful insights both for researchers and practitioners, by design, it excludes open-source apps, a limitation we aim to address in our current work.
We conduct a differentiated replication study, extending the application dataset to include open-source apps. Given the time difference between the original study and ours, we also check if the original results hold in the newer macOS version.
We confirm the original observations on sandbox adoption practices, noticing a significant improvement in sandboxing mechanism adoption in the closed-source apps from a third-party store. We also demonstrate the similarity of the results between sandbox adoption in closed- and open-source applications.
Our work confirms the applicability of the original sandboxing analyses in different contexts, such as dataset or test OS environment changes. We also demonstrate that open-source applications could be included in datasets used for the Apple ecosystem analysis.