Short, plain-English article explaining the security upgrades in Lion. As we speak, Apple developers are building new versions of their apps to support sandboxing.
“OS X has always had this goofy ASLR implementation where the randomized the libraries but not anything else, and you could still play the games and reuse code as long as there was one thing that wasnt randomized,” said Charlie Miller, principal research consultant at Accuvant, who does a lot of OS X security research. “In Lion it seems like everything is randomized and no code is loaded at a predictable address. They made it much harder to exploit things. You probably need two bugs now, one for code execution and one for information disclosure.”