12

Clearly Apple has the ability to create dynamically loaded libraries (known as frameworks) for iOS, as they ship several with XCode (such as UIKit). App developers only have the ability to create static libraries, or at best, trick Xcode into thinking it's loading a framework when it's actually loading a static library, this is known as creating a fake framework, some of the drag-and-drop convenience, but none of the dynamic loading benefits.

What is Apple's reasoning for keeping dynamic frameworks from app developers? It seems like it would ease using external libraries considerably, since developers wouldn't have to rely on finicky linker flags or open-source library dependency chains.

I see a common reason is security. Why then does Apple allow it on OSX and not iOS? Isn't security a requirement there as well?

EDIT: This is no longer relevant as of iOS 8. Apple has added support for dynamic frameworks.

Joel Fischer
  • 223
  • 2
  • 7

2 Answers2

17

One of Apple's criteria for accepting a program is whether or not it makes calls to unsupported Apple API's (or other bad stuff). By requiring static linking, they can prove that the software does not make such calls. Allowing dynamic linking would allow any kind of behavior to be added later, which pretty much invalidates their approval process.

Apple allows dynamic linking in OSX because, well, Macintoshes are real computers, not tablet devices, and the users of real computers expect them to be programmable in this fashion. The market for tablets and phones is quite different from that of desktop and laptop computers. Computers are production devices; users expect to be able to produce products on them, including writing programs that do what they want, how they want. This was never the expectation of tablet devices, which are consumption devices.

The whole point of tablets and the Apple Store was to create a closed environment to protect consumers from pedestrian viruses, and the like (well, and to allow Apple to collect 30% of all software sales made through their store).

Robert Harvey
  • 198,589
  • 55
  • 464
  • 673
  • 7
    Note: Apple has now allowed dynamic frameworks on iOS as of iOS 8. – Joel Fischer Jun 23 '14 at 13:13
  • @Robert Harvey thanks for the explanation, but from iOS 8, they are open to use dynamic frameworks. will it allow hackers to affect the iOS/App? do u have any idea, how Apple made dynamic frameworks as open to developers, but preventing the hacker from it. thanks! – Vijay-Apple-Dev.blogspot.com Oct 11 '16 at 13:49
8

The reason is security as mentioned in this Stack Overflow question:

The reason is security: since a dynamic library can be loaded and unloaded at runtime you could download additional executable code and load it (think plug-in). This could get compromised by a hacker and then having malicious code executing on your phone is a very bad thing. It would also make it possible to add unapproved features to an approved app. In short: in this environment, Apple considers dynamic linking to be a Pandoras box that must be strictly controlled, otherwise it could compromise security and I agree that it does make sense on the phone.

Community
  • 1