From 2b9fe74a0759e8b1b34ab81f1740cc17e7fef2d4 Mon Sep 17 00:00:00 2001
From: fria <138676274+friadev@users.noreply.github.com>
Date: Tue, 26 Nov 2024 06:12:33 -0600
Subject: [PATCH] add app container info

---
 content/posts/macos/macOS Security Overview/index.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/content/posts/macos/macOS Security Overview/index.md b/content/posts/macos/macOS Security Overview/index.md
index fa0ad1e..c741b98 100644
--- a/content/posts/macos/macOS Security Overview/index.md	
+++ b/content/posts/macos/macOS Security Overview/index.md	
@@ -26,7 +26,9 @@ sudo pmset -a hibernatemode 25
 
 ## App Sandbox
 
-The [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox/protecting_user_data_with_app_sandbox) is a feature that limits the access an app has to the rest of your system. Developers enable it when they sign their app, so it's not possible for you to enable it or modify the entitlements since they are defined in the signature. 
+The [App Sandbox](https://developer.apple.com/documentation/security/app_sandbox/protecting_user_data_with_app_sandbox) is a feature that limits the access an app has to the rest of your system. Developers enable it when they sign their app, so it's not possible for you to enable it or modify the entitlements since they are defined in the signature.
+
+Sandboxed apps are given their own container in `~/Library/Containers` that they have exclusive read/write access to.
 
 The App Sandbox is designed to limit the damage to your system in the event an app is exploited, however it can't protect against malicious developers since they can just disable or weaken the sandbox in a future update if they want. For protection against malicious developers, you'll need to install apps from the App Store where the sandbox is enforced.