Thank you both for the thorough (and thoroughly transparent!) replies. I think you raise excellent points.
Admittedly when I pulled up Logic2 for the first time I was struck mostly by the change from the original Logic app, now with its big sidebar tempting me to start running “random” extra Python code right away. A fairer contrast, as you bring up, would be between Logic2 and other “pro” tools like VS Code, DAWs with their VST plugins, and really just about every other app that lets me add anything… or open malicious documents for that matter.
I also agree that it’s a hard problem, even for the big platforms. E.g. I don’t think Apple’s expensive/obsessive/anticompetitive “curation” of their store has done much beyond what their sandboxing system does on its own. And I understand the effort it would take to build a high-performance sandboxing solution across three substantially different platforms (each of which is evolving in these areas anyway).
I’ll keep thinking about your questions as I don’t have good answers:
- what your expectations are for marketplaces and installed desktop apps
- any examples of desktop applications with extension marketplaces that you think are doing things right
- examples of effective sandboxing apart from major browser [/OS] vendors
I’m gradually playing more and more with “general purpose” isolation stuff like VMs and containers and maybe the answer is to keep watching that space while continuing to wrestle with the paranoia/practicality questions. I could be convinced that it’s an OS-level problem, while still being heartened by the thought you’ve already put into it for your own app. Thanks again!