Dear all,In macOS Catalina we have the new NetworkExtension framework that can filter network trafic on a computer.In my usecase I need the PID of the process that is the originator of the network flow. I'm aware that PID are not a reliable way to identify a process (since PIDs can be reused), but in my usecase only PID can identify what I need.In handleNewFlow(_ flow: NEFilterFlow) we can get the sourceAppAuditToken (flow.sourceAppAuditToken), where sourceAppAuditToken is a Data type. Is there a way to convert this sourceAppAuditToken to a PID value?I'm also aware of getting the signature of the process (eventually the Bundle ID) with SecCodeCopySigningInformation / kSecCSDynamicInformation, but again in my usecase it does not help.A way to do this is to call "netstat" and look for the local port in the output and get the PID from there, but sometimes this is not very reliable.Any ideas how to do this?Regards,Alex
Post
Replies
Boosts
Views
Activity
Hello,
MailKit for macOS 12 looks great, but it is possible to have access to incoming/outgoing email attachments?
For the moment MEMessage does not give access to such properties. Or any other ways to achieve this? (like some data parsing)?
Thank you
Hello,
Is it possible to make a FaceID authentication (LAContext) inside the ShieldActionDelegate extension in the func handle(action: ShieldAction...) callback?
Or is it possible to open the host app to do this authentication for us?
Right now using LAContext.evaluatePolicy (with FaceID) gives this error: User interaction required. And there is no API to open the host app.
Or any other ideas how to have some extra options/operations in the handle caller?
Thank you
Hello,
Is it possible to make a FaceID authentication (LAContext) inside the ShieldActionDelegate extension in the func handle(action: ShieldAction...) callback?
Or is it possible to open the host app to do this authentication for us? Right now using LAContext.evaluatePolicy (with FaceID) gives this error: User interaction required. And there is no API to open the host app.
Or any other ideas how to have some extra options/operations in the handle caller?
Thank you
Hello,
When locking an app using Family Controls, inside the ShieldActionDelegate's handle(action:..) call (where we decide what to do with the shielded app) there is no way to call Face ID (LAContext). The error is: User interaction is required.
I understand why this is the case, but is there any other way around this?
Sometimes handle(action:) inside ShieldActionDelegate needs authentication or more details from the user in order to decide if the app should be unlocked.
Thank you.
Hello
I have a very simple feature that tries to remove the background from a web camera video stream using VNGeneratePersonSegmentationRequest and VNImageRequestHandler.
let personSegmentationRequest = VNGeneratePersonSegmentationRequest()
personSegmentationRequest.qualityLevel = .balanced
let imageRequestHandler = VNImageRequestHandler(ciImage: ciImage) // a frame from the camera
try? imageRequestHandler.perform([personSegmentationRequest])
guard let result = personSegmentationRequest.results?.first else {
return nil
}
On Mac computers with M1 processors works great (60 fps without any issue).
The same code/app on MacBook Pro Intel i7 2.7GHz and AMD Radeon the performance is only 10 fps, much lower.
Any thoughts?
Thank you
Hello,
The purpose of "Screen Time Passcode" under Settings/Screen Time is to protect Screen Time preferences and it is asked every time the user updates Downtime, App Limits, Content & Privacy Restrictions and so on.
But the private passcode is not requested if the user disables Screen Time for a particular app (only Face ID or phone passcode is requested, but not the private Screen Time passcode).
I think this is a mistake, I think the purpose of a private Screen Time passcode is to protect all settings, including apps that use this API, right?
Is there any solution to this?
Thank you.
Hello,
In the latest macOS Sonoma and Safari 17 update, Safari App Extensions that were previously running without any issues (for years) suddenly stopped working.
Digging a little into the source code and debugger, I found out that basic API calls do not work anymore, for example:
SFSafariApplication.getActiveWindow { (window) in ... }
or the async version: let window = await SFSafariApplication.activeWindow()
getActiveWindow callback is never called and let window = await ... waits forever.
Is there anything updated in the security model of Safari 17 that I should be aware of? Or any API updates. I repeat, the extensions worked for 5 years without any issue and also work perfectly in Safari 16 and macOS Ventura.
Thank you.
Hello,
I have a quick question. In my File Provider based Mac application, if the user copies a folder to his computer, the "download" progress indicator near the folder name (the one from Finder) is showing only if the user entered the folder before.
If the user did not enter the folder before and copies the folder, the progress indicator is showing always zero and jumps to 100% after the copy operation is over.
Any thought on this?
Thank you.
Hello,
I'm having some problems in implementing a File Provider based app.
NSFileProviderEnumerator is very slow for many files (over 2000 files). I'm using pagination like this:
observer.didEnumerate(paged_files) // page size is usually 200
let nextPage = NSFileProviderPage((page + 1).description.data(using: .utf8)!)
observer.finishEnumerating(upTo: nextPage)
and
observer.finishEnumerating(upTo: nil)
when finished all pages.
But after calling "observer.finishEnumerating(upTo: nil)" it still takes a lot of time (20-30 seconds) until all files are listed in Finder.
Any tips?
Thank you.
Hello,
I have another quick question. I'm using NSFileProviderReplicatedExtension to create a macOS File Provider app to access remote files directly in Finder.
When I copy a file to a remote folder (managed by File Provider) "createItem(basedOn itemTemplate: NSFileProviderItem, fields: NSFileProviderItemFields ....)" is triggered and this is fine.
But immediately after the file is upload fetchContents(for itemIdentifier: NSFileProviderItemIdentifier, version ...)" is also triggered.
Is this expected? Downloading again the file after upload requires some time and it's not the best experience for the user if he is in a hurry. Is there any way to prevent this?
Thank you.
Hello all,
When copying a lot of files using NSFileProviderReplicatedExtension (more than 2000 files) to the a local storage, fetchContents is called for each file, but usually after around 2000 files, fetchContents is not called anymore. No errors, no invalidate() called, no cancelations, no log messages, just silence.
Is there any explanation or solution for this behaviour? I want the extension to provide all files until the end.
By the way, if the transfer fails, but you double click on the local folder a "Finish Copying" option is presented and after that fetchContents for the remaining files is called (which is good).
Thank you.
Hello,
I had a strange bug in a File Provider app and I found out that the problem was that NSFileProviderEnumerator's invalidate() was called during an operation (a download or even a file enumeration operation from the server).
The files are stored on a server and while fetchContent is called and the extension waits for the server to send the file (or enumerate a long list of files), invalidate() is called. And after some time the extension is re-initialised.
I know that the extension can be deallocated by the OS from time to time, but why during an operation? If a do a cleanup inside invalidate() I will lose references to my downloads or operations.
Any thoughts on this? Is there any way to prevent this?
Thank you.
Hello guys,
Is there any API developers can use to get advantage of the new windows resize and placement feature for macOS Sequoia?
And of course I'm not talking about resizing the windows from your own app, but the windows from other apps.
Thank you.
Hello,
I developed a file provider extension that can access files from multiple locations. With the new macOS Sequoia I cannot access files from volumes, here is the error from Console:
Refusing TCCAccessRequest for service kTCCServiceSystemPolicyRemovableVolumes from extension Sub:{com.app.ext}Resp:{TCCDProcess: identifier=com.app.ext-Driver, pid=26706, auid=501, euid=501, binary_path.... Driver}, extension point disallows prompting
I added "Privacy - Removable Volumes Usage Description" values for both the main app and extension Info.plist, I click Allow on the alert, but still I receive this error message.
Any solution?
Thank you.