mac沙盒

You noticed something called “sandboxd” while looking through Activity Monitor, and now you’re here. So what is this thing?

在查看活动监视器时，您发现了一个称为“沙盒”的东西，现在您在这里。 那这是什么东西？

This article is part of our ongoing series explaining various processes found in Activity Monitor, like kernel_task, hidd, mdsworker, installd, WindowServer, blued, launchd, backup, opendirectoryd, powerd, coreauthd, configd, mdnsresponder, UserEventAgent, nsurlstoraged, commerce, parentalcontrold, and many others. Don’t know what those services are? Better start reading!

这篇文章是一部分我们正在进行一系列的解释活动监视器中发现的各种Craft.io，比如kernel_task ， hidd ， mdsworker ， INSTALLD ， WindowServer ，发蓝， launchd会，备份， opendirectoryd ，的powerd ， coreauthd ， configd ， mdnsresponder ， UserEventAgent ， nsurlstoraged ，商业， parentalcontrold和许多其他的。 不知道这些服务是什么？ 最好开始阅读！

Today’s process, sandboxd, is a daemon, which means it runs a system task in the background on macOS—daemons generally have a “d” at the end of their name. This particular daemon handles the macOS sandbox, as running man sandboxd in your Terminal will show you:

如今，沙盒化进程是一个守护程序，这意味着它在macOS上在后台运行系统任务-守护程序通常在其名称的末尾带有“ d”。 这个特定的守护程序处理macOS沙箱，因为在终端中运行沙箱的man sandboxd您显示：

sandboxd performs services on behalf of the Sandbox kernel extension.

sandboxd代表Sandbox内核扩展执行服务。

So what’s a sandbox? You can check out our explainer on sandboxes for an overview, but for the most part a sandbox prevents applications from accessing parts of the system it doesn’t need. The macOS sandbox is outlined on Apple’s developer page:

那么什么是沙盒？ 您可以查看我们在沙箱上的解释器以获取概述，但是在大多数情况下，沙箱会阻止应用程序访问不需要的系统部分。 在Apple的开发人员页面上概述了macOS沙箱：

App Sandbox is an access control technology provided in macOS, enforced at the kernel level. It is designed to contain damage to the system and the user’s data if an app becomes compromised.

App Sandbox是macOS中提供的一种访问控制技术，在内核级别实施。 如果应用程序被盗用，它旨在包含对系统和用户数据的破坏。

Before sandboxing, every application had access to everything the user did. This was nice for simplicity’s sake, but it meant every single application was a potential path to all of your data and hardware. Applications running in the sandbox have to specifically request access to things like your files or your webcam, giving you an added level of security.

在进行沙箱测试之前，每个应用程序都可以访问用户所做的一切。 为了简单起见，这很好，但这意味着每个单独的应用程序都是通往所有数据和硬件的潜在途径。 沙盒中运行的应用程序必须专门请求访问文件或网络摄像头之类的权限，从而为您提供更高的安全性。

The macOS sandbox optionally can be implemented by applications you download online, but is mandatory for any application you download from the Mac App Store. This is just one reason why the Mac App Store doesn’t have all the applications you want.

您可以选择通过在线下载的应用程序来实现macOS沙箱，但是对于从Mac App Store下载的任何应用程序来说，macOS沙箱都是必选的。 这就是Mac App Store没有想要的所有应用程序的原因之一。

The process sandboxd probably shouldn’t be taking up much of your system resources, but if it does try shutting down any recently installed applications. If that solves the problem, consider submitted a bug report to the developer, because something about that application is causing problems.

沙盒进程可能不应该占用您的大量系统资源，但如果确实尝试关闭任何最近安装的应用程序，则不会。 如果这样可以解决问题，请考虑将错误报告提交给开发人员，因为有关该应用程序的某些信息引起了问题。

翻译自: https://www.howtogeek.com/344211/what-is-sandboxd-and-why-is-it-running-on-my-mac/

mac沙盒