Apple backtracks on App Store removal threat for Unix shell iOS apps
Developers of Linux and Unix shells have received warnings from Apple that their iOS apps violate App Store Review Guidelines, with the threat of termination from the App Store said to be reversed in at least one instance.
A shell is a tool that enables users to perform command-line operations on a device, which usually doesn't offer that sort of functionality, such as the lack of a terminal in iOS. These terminal emulator apps like a-Shell and iSH enable the use of many Unix commands in iOS, which can be useful for developers and power users.
However, according to a series of tweets on Sunday, it seems that the two apps have come under fire from Apple's App Store team for seemingly violating the App Store Review Guidelines. The iSH Twitter account advised it was informed by Apple it would be removing the app from the App Store on Monday.
Hours later, the developer advised they had received a call from the App Review team apologizing for the notification, the appeal against the takedown was accepted, and that iSH would not be removed from the App Store.
We got a call this evening from someone who runs App Review. They apologized for the experience we had, then told us they've accepted our appeal and won't be removing iSH from the store tomorrow. We'll stay in contact with them to work out details.— iSH (@iSH_app) November 9, 2020
As to why the app was rejected, iSH suggested it could be related to section 2.5.2 of the App Store Review Guidelines, as it put out a request for feedback from other developers enduring the same trouble. In response, a-Shell advised it had received a "similar notice of termination" a few days prior, but the appeal was still pending.
Section 2.5.2 deals with the self-containment of apps within their bundles, and to not read or write data outside its designated container area, nor to "download, install, or execute code." As shell apps may have the capabilities to run scripting, it could be this element that is being picked up by the review process.
In a full blog post, iSH developers Theodore Dubois, Saagar Jha, and Martin Persson explain the removal threat was due to the team believing the app was "not self-contained and has remote package updating functionality," with a request to remove the offending items and other remote network commands. It was thought that iSH was a "security concern" if it allowed users to import code into the app.
"We believe iSh is fully compliant with the App Store Review Guidelines," wrote Saagar, with Apple thought to have misunderstood or misinterpreted the app, its own guidelines, or "the consequences of what they are asking." Saagar suggested that a consistent enforcement of this "incorrect interpretation" would ensure the "removal of all scripting apps" from the App Store.
The a-Shell tweet further advises it was requested to remove access to the unix commands "curl, pip, and wasm" for the app to stay in the App Store. The curl command handles data transfers over a network, pip is used to install Python packages, and wasm relates to WebAssembly, a code that could be run in web browsers.
Apple updated its App Store Review Guidelines on August 31, including a new element that allowed developers to challenge the guidelines themselves, with the potential to make Apple change some of its review rules. A challenge has already been successfully logged with Apple by Guardian VPN, which wanted more flexibility in how it charges for auto-renewing subscriptions.