I am developing EndpointSecurity on macOS 11.0 Beta 6. What I want to do is, when EndpointSecurity is installed and running, replace it with a new version of EndpointSecurity. Implemented in my EndpointSecurity bundle app OSSystemExtensionReplacementActionReplace is returned inside Request:actionForReplacingExtension:withExtension: method. I checked through NSLog that the Request:actionForReplacingExtension:withExtension: method is called normally. However, if you check the console.app at this time, sysextd crashes. And I checked with the systemextensionsctl list command. A crash in sysextd did not replace the new version of EndpointSecurity. I need your help. sysextd crash logs - https://developer.apple.com/forums/content/attachment/dc54cc07-7a09-4645-ae02-b042405757c3 Also, I have posted the relevant content to the Feedback Assistant. FB8622798 Of course, I also forwarded the information to the Technical Support Incident. 745704790

Honorable Quinn, I have a problem with macOS 11.0 Big Sur RC2. I did nothing for the file at the time of opening with EndpointSecurity and allowed all of them. Of course I refer to the source code of the official EndpointSecurity example. However, a problem arises in the process of using the file lock. The file lock is unlocked even when the process is alive. When I check, the problem is not reproduced unless I receive the ESEVENTTYPEAUTHOPEN callback. If all events are allowed through the esrespondflagsresult() function in the ESEVENTTYPEAUTH_OPEN callback, the file lock may be released. This issue has a high reproducibility. Ask for confirmation and advice. Thank you.