[DeepDuh]

Why can't I reply to some comments? That comment about the new sandboxed folder structure made me realize he's right. What's going on with all those symlinks inside the container directory?

This just shows to me what a bad idea sandboxing is for those kind of apps that are supposed to interoperate with the whole system. Is there even a security benefit vs. pure unix permissions if you sandbox the filesystem but then you link in tons of crap that could be potentially attacked?

[Macha]

It's to do with comments that get deeply nested quickly, presumably to prevent back and forth flame wars and the like. If you really want to reply to such a comment, click "link" and there is a reply link on the that page, or just wait.

[rahoulb]

> This just shows to me what a bad idea sandboxing is for those kind of apps that are supposed to interoperate with the whole system.

Isn't the point of sandboxing specifically to prevent apps interoperating with the whole system? (I've not really paid it much attention so far)

[DeepDuh]

Yeah but what's the point in making Preview.app sandboxed? It's a damn document viewer.

[rahoulb]

There have been numerous PDF exploits in the past (including jail breaking iOS) - sounds like it needs its scope limiting.