Is it theoretically possible to:
- Build an app with Mac Catalyst without the App Sandbox entitlement and
- Distribute it outside the Mac App Store (w/ notarization)?
Thank you!
Absolutely.
Mac Catalyst apps are pretty much just Mac apps [1]. They only need to be sandboxed if you ship them on the Mac App Store.
Having said I encourage folks to enable the sandbox even when it’s not required. See the The Case for Sandboxing a Directly Distributed App.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
[1] While there’s one obvious difference — the UI framework you use — there are some subtle runtime differences. The one that I see cause the most problems is that a Mac Catalyst app process can only use the data protection keychain. See TN3137 On Mac keychain APIs and implementations. But you can get around such limitations by embedding a non-Catalyst helper within your app. It’s the Mac, so you can use IPC!