alt Hacker NewsHitting the sandbox extension limit is not necessarily a leak. There are a number of apps that deal with thousands of files at once and they will very quickly hit the limits. It's a perennial problem with anyone who makes professional, but sandboxed, software for macOS.
Yes, I should've said "can be". They are definitely difficult to manage. It doesn't help that people like to pass file paths or URLs across IPC and don't think of eg sending file descriptors over directly.
Hmm, who needs thousands of files at once (as opposed to serially)?