I am building a SystemExtension with Endpoint Security API's. It runs as a client and needs to talk to XPC service hosted by an agent. I find the SystemExtension is unable to connect to any XPC service hosted outside of it. The listener function never gets called, and the connection fails while getting the remoteObjectProxy. The agent creates the XPC listener as follows: let delegate = ServiceDelegateAgent() let listener = NSXPCListener(machServiceName: "com.xxxx.extension.agent.xpc" ) listener.delegate = delegate; listener.resume() class ServiceDelegateAgent : NSObject, NSXPCListenerDelegate { 		func listener(_ listener: NSXPCListener, shouldAcceptNewConnection newConnection: NSXPCConnection) -> Bool { 				newConnection.exportedInterface = NSXPCInterface(with: AgentXPCProtocol.self) 				newConnection.exportedObject = AgentXPC() 				newConnection.resume() 				return true 		} } The SystemExtension uses the following pseudo code to establish the connection with com.xxxx.extension.agent.xpc but fails to do so: let connection = NSXPCConnection(machServiceName: "com.xxxx.extension.agent.xpc") connection.remoteObjectInterface = NSXPCInterface(with: AgentXPCProtocol.self) connection.resume() let service = connection.remoteObjectProxyWithErrorHandler { error in 		NSLog("Failed to connect: \(error)") } as? AgentXPCProtocol I can successfully establish a connection where the XPC service is hosted inside the SystemExtension, and agent connects to it to get the ES events. Could you let me know how I can get the SystemExtension connect to the XPC service hosted outside of it? Is there limitations on how it can talk to agent outside of it?

How can I create an entry for my application under the Full Disk Access panel of Security & Privacy in System Preferences programmatically? My application requires Full-Disk Access, and it does not automatically show up in the Full Disk Access panel. Is there any policy/rules which define the behavior when an application entry will get created? I want to avoid adding to the list manually.