this post was submitted on 10 Jan 2025
5 points (85.7% liked)

Apple

17742 readers
113 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 2 years ago
MODERATORS
MichelleG
RoyalEngineering
thisisdee
5
Are App Store apps more secure than from DMG on the internet? (sh.itjust.works)
submitted 1 week ago by [email protected] to c/apple_enthusiast
7 comments fedilink hide all child comments
 

Any devs here? I'm wondering if an app is more secure / has more restrictions if installed through the App Store as opposed to a DMG you download on the internet. I'm mostly concerned with filesystem permissions: the app is RetroArch and it is available on both the iOS and macOS App Store. Is it safer and more private if it's from the App Store? I know Apple's filesystem security policy is around specific folders in Home (Desktop, Downloads, etc.) but do App Store apps get random access to "unprotected" folders in the user's Home folder? Thanks!

top 7 comments
sorted by: hot top controversial new old
[–] ProjektSpartan 17 points 1 week ago (1 children)

Anything uploaded to the Apple App Store goes through a standard review process before Apple will let you release it on their store. Random DMG files you download from a website don’t.

Does that mean the app is more “secure”? Not necessarily. But you can at least be reasonably confident it’s not malware if nothing else.

[–] Ghostalmedia 1 points 1 week ago (1 children)

There is always a chance of malware, but that chance goes down with reviews.

[–] ProjektSpartan 3 points 1 week ago (1 children)

I did say reasonably confident, not 100% sure 😉

[–] Ghostalmedia 4 points 1 week ago

100%.

I only tossed that comment in there because there is always one Lemmy user who says “remember that one time” about a random app sneaking something past a reviewer.

Reviewers are humans and are imperfect. They’ve even missed garbage that I’ve accidentally submitted in a build. 😆

[–] [email protected] 5 points 1 week ago

AFAIK the AppStore versions are often Sandboxed and have automatic update through the AppStore. I am not sure if they are better or more secure regarding the permissions API.

[–] [email protected] 3 points 1 week ago

There's more APIs available than those permitted for use by apps on the app stores, but apps don't automatically become more dangerous just because the install origin was different.

[–] Ghostalmedia 1 points 1 week ago

Apps in the App Store go through a standard privacy and security review. It’s not perfect, but random downloaded apps don’t go through this process. But if you trust the developer, download away.

In the case of retro arch, AppStore downloads are new for them. Apple previously banned emulators in the App Store.

The developers recently added the AppStore to their offerings and they didn’t take away the ability to download the emulator the old fashioned way.