Or is it indeed possible to spawn a child process that exceeds the
permissions of its sandboxed parent process?
That’s not possible because the child process inherits the parent’s sandbox.
I would assume that MapKit is an exception.
I wouldn’t call it an exception per se. Rather, this behaviour is an artefact of how maps works. You could implement the same sort of thing in a third-party product. For example, if your app used XPC to talk to your non-sandboxed daemon:
- The daemon could run a network request on behalf of the app regardless of the app’s sandbox setup.
- Alternatively, the daemon could look at the sandbox setup of your app and choose not to run this network request.
It sounds like map view has chosen the first option and web view has chosen the second. To my mind that makes sense, in that map view will talk to a specific set of servers while web view can talk to an arbitrary server, but I could see how opinions might differ.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"