@eskimo Thanks for reply. I also watched the video "What's new in privacy".
This video says "All apps signed with your Team ID can access data in your other app's containers by default", starting at 20:55.
My thoughts are as follows:
App is signed with "Developer ID Application".
Pkg is signed with "Developer ID Installer" with same Team ID.
So Installer can write to App Container because installer pkg and app has signed with same Team ID.
I’m not sure how your installer is managing to trip this. Within the installer package, what’s actually writing to this file? The installed contents itself? Or some sort of script?
No script. My installer bundles app pkg and data pkg using productbuild --distribution script/distribution.xml.
After building bundled pkg, signs using productsign.
Definition: https://github.com/mtgto/macSKK/blob/main/script/distribution.xml
Script: https://github.com/mtgto/macSKK/blob/0.9.1/Makefile#L61-L62
Data pkg contains a file Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents/Dictionaries/SKK-JISYO.L.
❯ pkgutil --files net.mtgto.inputmethod.macSKK.app
._Library
Library
Library/._Input Methods
Library/Input Methods
Library/Input Methods/._macSKK.app
Library/Input Methods/macSKK.app
Library/Input Methods/macSKK.app/._Contents
Library/Input Methods/macSKK.app/Contents
...
❯ pkgutil --files net.mtgto.inputmethod.macSKK.dict
._Library
Library
Library/._Containers
Library/Containers
Library/Containers/._net.mtgto.inputmethod.macSKK
Library/Containers/net.mtgto.inputmethod.macSKK
Library/Containers/net.mtgto.inputmethod.macSKK/._Data
Library/Containers/net.mtgto.inputmethod.macSKK/Data
Library/Containers/net.mtgto.inputmethod.macSKK/Data/._Documents
Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents
Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents/._Dictionaries
Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents/Dictionaries
Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents/Dictionaries/._SKK-JISYO.L
Library/Containers/net.mtgto.inputmethod.macSKK/Data/Documents/Dictionaries/SKK-JISYO.L
Addition: Signatures of app and installer package
app has signed with Team ID "W3A6B7FDC7"
❯ codesign -dvvv ~/Library/Input\ Methods/macSKK.app
Executable=/Users/user/Library/Input Methods/macSKK.app/Contents/MacOS/macSKK
Identifier=net.mtgto.inputmethod.macSKK
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=5128 flags=0x10000(runtime) hashes=149+7 location=embedded
Hash type=sha256 size=32
CandidateCDHash sha256=4ebfa49edd8731cc6bcff49b0592877a769dbd8d
CandidateCDHashFull sha256=4ebfa49edd8731cc6bcff49b0592877a769dbd8dcdf6dfef04e58c8d318d6f99
Hash choices=sha256
CMSDigest=4ebfa49edd8731cc6bcff49b0592877a769dbd8dcdf6dfef04e58c8d318d6f99
CMSDigestType=2
CDHash=4ebfa49edd8731cc6bcff49b0592877a769dbd8d
Signature size=9046
Authority=Developer ID Application: Satoshi Gotou (W3A6B7FDC7)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Oct 8, 2023 at 10:11:39
Info.plist entries=34
TeamIdentifier=W3A6B7FDC7
Runtime Version=14.0.0
Sealed Resources version=2 rules=13 files=7
Internal requirements count=1 size=220
pkg has Team ID "W3A6B7FDC7"
❯ pkgutil --check-signature /Volumes/macSKK/macSKK-0.9.1.pkg
Package "macSKK-0.9.1.pkg":
Status: signed by a developer certificate issued by Apple for distribution
Notarization: trusted by the Apple notary service
Signed with a trusted timestamp on: 2023-10-08 01:11:41 +0000
Certificate Chain:
1. Developer ID Installer: Satoshi Gotou (W3A6B7FDC7)
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
4B 04 F9 16 DA 30 68 EC 00 BC 5B B5 F6 E2 C4 88 FC 22 A3 F7 F3 1B
A1 A5 06 B7 54 27 01 0B 37 12
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
Post
Replies
Boosts
Views
Activity
Does this only crop up when you upgrade your app using this installer? Or do you see it on first install of the app?
I test with clean install, and it does not show the dialog.
Re-install also show no dialog after launch app & create a file in App Container.
Since it is no reproducing, my guess is that the problem was caused by launching an application sign with an adhoc signature ("Sign to Run Locally") so that the owner of the container is changed from the legitimate Team ID:
Build adhoc signature app (choose "Sign to Run Locally" in Xcode) and launch
The app shows a dialog “macSKK” is from an unidentified developer and differs from previously opened versions. Are you sure you want to open it? after accessing App Container (?)
Choose "Open Anyway", it changes the owner of App Container (?)
Open pkg via Installer.app, it shows the dialog “Installer” would like to access data from other apps..
I have found that by using certificates with same Team IDs in debug builds, such as when running unit tests, the problem does not reproduce itself in my environment.
The invalidate() call in this sequence is problematic:
You’re invalidating the connection at the end of the current scope, which is before the callback has any chance of being called.
Yes, you're right. My code calls NSXPCConnection#invalidate before callback called.
My example project works fine after delete NSXPCConnection#invalidate: https://github.com/mtgto/example-nsxpc-throws-error/commit/165488bf1b43e694b7d39c02b76e611542faa8cf
Swift concurrency and NSXPCConnection aren’t a great combo. It’s better to using NSXPCConnection with traditional completion handlers.
Okay, I'll convert my program to use completion handlers.
You’re not setting up any invalidation and interrupt handlers, which is problematic.
Yes, I'll write it.
Finally, if you haven’t already read TN3113 Testing and debugging XPC code with an anonymous listener, you should. It’s the best way to get started with this stuff.
I didn't read yet this article. I don't know NSXPCConnection and NSXPCListener in same process. It helps me for debugging!
I am very grateful to have found the cause of the XPC problem I was struggling with alone. Thank you again!