This is what I was afraid of 😐For the record, FB7673690 has been filed for the bug and makes a suggestion to revisit SFAuthorizationView so that a consumer of the API can provide prompt text during the setup of the view.
Post
Replies
Boosts
Views
Activity
Yes, seeing the same problem here:
error 09:29:29.624377-0700 kernel Library Validation failed: Rejecting '/private/tmp/com.apple.installerbBJCPsLO/***.bundle/Contents/MacOS/*' (Team ID: ********, platform: no) for process 'InstallerRemoteP(1890)' (Team ID: none, platform: yes), reason: mapping process is a platform binary, but mapped file is not
I've seen the same issue created feedback for it.
Honestly, I think NSEndpointSecurityMachServiceName is the right answer here. It lets your ES sysex publish a global Mach service that any process on the system can connect to (unless blocked by the sandbox). Is the value for NSEndpointSecurityMachServiceName allowed to be any arbitrary string or does it still need to conform to <teamid>.<bundleID>.xpc?
Testing shows that the following don't work when trying to make a connection between the sysex and the host app:
<bundleID>
<bundleID>.xpc
<teamid>.<bundleID>
On 10.15.6 (19G2021) and 11.0 Beta (20A5354i), man EndpointSecurity doesn't indicate that it has to be of a certain format, only that a default mach service name will be used:
NSEndpointSecurityMachServiceName
Type: String If set, this string will be the name of the MachService which can be used for XPC between the ES
extension and its app. If ES extension is combined with a Network Extension, set the NEMachServi-
ceName key in the Info.plist. If not set, a default mach service (name: <teamID>.<bundleID>.xpc)
will be provided but its usage is deprecated. I'm curious, for the record :)
Thanks in advance.
Nevermind, it's been a long day. NSEndpointSecurityMachServiceName is supposed to go in the SYSEX's Info.plist file, not as an entitlement. 🙄
Quinn,
I'll add my request: FB10320938
Cheers