[dunham]

> The best thing about iPadOS is control. It feels so relaxing not having to worry about discord scanning all your processes and files just because you want to chat with your friends. I hope they'll never go back to allowing unsigned code.

I very much like the sandboxing of apps and the control I have over what they can access (e.g. location, contacts, photos). It also helps contain any security bugs in apps. But this seems orthogonal to allowing unsigned code. You could just as easily run an unsigned app in the same sandbox.

So personally, I'd like to keep that model - but I'd like to be able to load my own apps (within appropriate sandboxes).

To address some of the issues I've seen discussed here, I'd also like to see the ability to create a "volume" (a shared directory tree) and explicitly grant access to a volume to a subset of apps. (E.g. keep all of you document workflow in a volume and expose it to your TeX tools and git tools, but Uber/Facebook doesn't get to touch it.) I this is already addressed in OSX sandboxing - I believe you can grant access to a directory tree to a sandbox app via the open file dialog.