https://twitter.com/stroughtonsmith/status/474213833465421824
Apple’s new Playgrounds feature is very cool, allowing developers to test Apple’s new programming language Swift in real time, but developer Steve Stroughton-Smith points out a rather gaping flaw.
It turns out that the app isn’t sandboxed which means entered code can do pretty much anything it wants. So, entering the code above for instance will actually delete every file on your system. The realtime nature of Playgrounds means you don’t even have to press Enter for the entire contents of your hard drive to be erased.
Until Apple fixes this issue, people should be very careful clicking on Swift scripts that they do not understand as the Playground will run them, malicious or not.
Be careful clicking on playground links you come across on the web: it looks like they can do serious damage: http://t.co/XdENMf743o
— Craig Hockenberry (@chockenberry) June 4, 2014
I think this is a bogus argument. “Playground” in this case doesn’t mean it isn’t real code that does real things. It means that it’s not a part of a compiled application, but you can see the real results of doing real things in real time. In other words, you’re not playing around with play code, you’re playing around with real code. They either need to change the name of it or put a warning at the top.