This is just a cash grab from Apple, and part of a series of unethical behaviour by a monopoly (eg app store dictatorship).
This would be totally unnessisary if apps could run in a sandbox. It wouldn't matter if I run some random game I downloaded off the internet if it can't do anything on my computer outside of its own sandbox.
And to the people that say it's not possible, just look at web browsers. Each website runs in a complete sandbox.
For apps that do need to use operating system functions, then you can escalate privellages with user consent. For example, mobile apps, that ask:
"This app wants access to your camera"
macOS ships with some of that already; users immediately complained that it turned their OS into Windows Vista. Perhaps the underlying problem is that Apple's sandbox is not under the control of the user, it's mostly controlled by Apple and (to a lesser extent) by the developer of the software itself. It's really a strange model if you think about itβ¦
That's actually an interesting way of looking at the problem of untrusted code. We might still need a way to signal to people what pop-ups really mean so we avoid the blindly yes-yes-continue clicking, but in general if things are as sandboxed as they are on mobile (sans the sensor and network access that still allows you to do a million invasive things, so perhaps more like websites where the software is closed when you close it) then we might not need this sort of scheme.
This would be totally unnessisary if apps could run in a sandbox. It wouldn't matter if I run some random game I downloaded off the internet if it can't do anything on my computer outside of its own sandbox.
And to the people that say it's not possible, just look at web browsers. Each website runs in a complete sandbox.
For apps that do need to use operating system functions, then you can escalate privellages with user consent. For example, mobile apps, that ask: "This app wants access to your camera"