Discuss how to secure user data, respect user data preferences, support iCloud Private Relay and Mail Privacy Protection, replace CAPTCHAs with Private Access Tokens, and more. Ask about Privacy nutrition labels, Privacy manifests, and more.

Posts under Privacy tag

200 Posts

Post

Replies

Boosts

Views

Activity

Command line app doesn't prompt for a permission when it runs from a terminal
I've made a simple command line app that requires Screen recording permission. When I ran it from Xcode, it prompts for a permission and once I allowed it from the settings, it runs well.

    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <CoreGraphics/CGDisplayStream.h>

    int main() {
        printf("# Start #\n");

        if (CGPreflightScreenCaptureAccess()) {
            printf("# Permitted.\n");
        } else {
            printf("# Not permitted.\n");
            if (CGRequestScreenCaptureAccess() == false) {
                printf("# CGRequestScreenCaptureAccess() returning false\n");
            }
        }

        size_t output_width = 1280;
        size_t output_height = 720;
        dispatch_queue_t dq = dispatch_queue_create("com.domain.screengrabber", DISPATCH_QUEUE_SERIAL);
        CGError err;

        CGDisplayStreamRef sref = CGDisplayStreamCreateWithDispatchQueue(
            1, output_width, output_height, 'BGRA', NULL, dq,
            ^(CGDisplayStreamFrameStatus status, uint64_t time, IOSurfaceRef frame, CGDisplayStreamUpdateRef ref) {
                printf("Got frame: %llu, FrameStatus:%d \n", time, status);
            }
        );

        err = CGDisplayStreamStart(sref);
        if (kCGErrorSuccess != err) {
            printf("Error: failed to start streaming the display. %d\n", err);
            exit(EXIT_FAILURE);
        }

        while (true) {
            usleep(1e5);
        }

        CGDisplayStreamStop(sref);
        printf("\n\n");
        return 0;
    }

Now I want to execute this from terminal, so I went to the build folder and typed the app name.

    cd /Users/klee/Library/Developer/Xcode/DerivedData/ScreenStreamTest-ezddqbkzhndhakadslymnvpowtig/Build/Products/Debug
    ./ScreenStreamTest

But I am getting following output without any prompt for permission.

    # Start #
    # Not permitted.
    # CGRequestScreenCaptureAccess() returning false
    Error: failed to start streaming the display. 1001

Is there something I need to consider for this type of command line app?
1
0
176
Oct ’24
How to reset (remove) apps from "Local Network" privacy settings?
macOS 15 has added a new "Local Network" permission under Security & Privacy. I had a bug in my app that led to a crash when the user denied this permission. Now I've fixed it and would like to verify that it all works fine. The problem is: I need to remove my app from the settings so that macOS will show the prompt again (e.g. to verify that my custom message appears correctly). Usually, sudo tccutil reset All would do the trick. But not for this permission! The apps do not get cleared with this command. So, there's two issues:
- tccutil should remove it but doesn't.
- How can I remove these settings?

Update: I had a look at the "TCC.db" (see https://www.rainforestqa.com/blog/macos-tcc-db-deep-dive), and it seems to me that the Local Network permission isn't even managed by the TCC system, as it doesn't appear in it. This is odd.
16
1
1.2k
4w
Email sent to hidden email address ends in spam
Hi, I am currently developing the "Sign in with Apple" feature. We set up everything according to the documentation: https://developer.apple.com/help/account/configure-app-capabilities/configure-private-email-relay-service When trying to send an email from one of the registered communication emails (that is SPF and DKIM Authentication compliant) the emails are still ending up in the spam box. If it can help, the received email address (that is hidden) is a gmail. I can not catch what is missing/wrong on our side.
0
0
156
Oct ’24
Single Local Network permission entry shown for different applications
I have two applications (MinimServer and MinimWatch) that run on macOS. Both use the local network. On Sequoia, starting MinimWatch for the very first time after installing Sequoia shows a prompt for permission to access the local network. If the user agrees, an enabled entry for MinimWatch appears in the Privacy & Security > Local Network section as expected. If MinimServer is then started for the very first time, there is no prompt and the existing Local Network entry for MinimWatch now controls local network access for both MinimWatch and MinimServer. If the above order is reversed (start MinimServer first after installing Sequoia and then start MinimWatch), Local Network shows a single entry for MinimServer which controls network access for both MinimServer and MinimWatch. It appears there is a false positive match when the second application is started. Sequoia finds the Local Network entry for the first application and incorrectly identifies this as matching the second application. Both applications are written in Java and have a similar internal structure. The app packages contain some identical files but the following files are different:
- The bundle executable in the MacOS folder
- Other executables in the MacOS folder launched by the bundle executable
- The Info.plist keys CFBundleName, CFBundleIdentifier, CFBundleExecutable, CFBundleIconFile and JVMMainJarName

What might be the similarity between these app packages that is causing Sequoia to incorrectly identify one of these applications as being the other application?
2
0
228
Oct ’24
Remove Tracking from App
Hello I have an app that uses the user's Device ID for tracking purposes. I have since removed all ads and tracking. I am now in a difficult position because I cannot turn off Device ID Tracking from App Privacy. The current app version has this on and contains the framework for turning it on. If I try to submit an app without Tracking, it gets rejected with the message "The app uses the AppTrackingTransparency framework, but we are unable to locate the App Tracking Transparency permission request when reviewed on iOS 18.0." So, I am now stuck. I cannot turn off Device Tracking in App Privacy because my app previously had tracking. I cannot remove the framework for Tracking because App Privacy has tracking on. How can I proceed to remove all tracking traces from my app? Jake
0
0
250
Oct ’24
Files and Folders permission of App keeps denied, even from Settings.
Hi Apple Engineer, My app is using ImageCaptureCore framework to communicate to external DSLR Camera. When I connect my device to a camera, I execute the requestContentsAuthorization(completion:) to request for Access Files on Connected Cameras. This is the dialog when the request is executed: When I tap "OK", the status of content authorization keeps "Denied", even when I open "Files and Folders" permission in "Privacy & Security" Settings. When I switched ON the permission, the switch keeps back to turned off. You could see the reproduce in this GoogleDrive video https://drive.google.com/file/d/15B-R5TONgMWg8qFiYUGK0hTy62dsVGUX/view?usp=sharing

The occurrence keeps happening even:
- I uninstall and install the app back
- Do "Reset Location & Privacy"
- Do "Reset All Settings"

I attached the sysdiagnose files in this GoogleDrive file https://drive.google.com/file/d/11lovl_xC95AKXQTkZ1_e6UbEgS5md0Z3/view?usp=sharing

I firstly experience this issue after researching ImageCaptureCore's API. I executed resetContentsAuthorizationWithCompletion:. After that, my permission request keeps denied as described above :( There are other developers that experience the same as mine https://forums.developer.apple.com/forums/thread/756960 . There is a simple sample project there and it's reproducible in my case. Could you help me how to accomplished my app can be granted for permission to "Files and Folders" permission when using ImageCaptureCore? Could it be a bug from the system?
1
1
230
Oct ’24
App Rejected: Legal: Privacy - Data Collection and Storage
The app does not meet all requirements for apps that offer highly regulated services or handle sensitive user data. Specifically:

- The account that submits the app must be enrolled in the Apple Developer Program as an organization, and not as an individual.

The guideline 5.1.1(ix) requirements give users confidence that apps operating in highly regulated fields or that require sensitive user information are qualified to provide these services and will responsibly manage their data.

Next Steps

To resolve this issue, it would be appropriate to take the following steps:

- The app must be submitted through an Apple Developer Program account enrolled as an organization. You may either enroll in a new Apple Developer Program account as an organization, or request that your individual account be converted to an organization account by contacting Apple Developer Support.

Please note that you cannot resolve this issue with documentation showing permission to publish this app on behalf of the content owner or institution.

Resources

- Learn how to transfer apps between accounts.
- Request a fee waiver for nonprofit organizations, accredited educational institutions, or government entities.

Support

- Reply to this message in your preferred language if you need assistance.
- If you need additional support, use the Contact Us module.
- Consult with fellow developers and Apple engineers on the Apple Developer Forums.
- Help improve the review process or identify a need for clarity in our policies by suggesting guideline changes.

Request a phone call from App Review

At your request, we can arrange for an Apple Representative to call you within the next three to five business days to discuss your App Review issue. Request a call to discuss your app's review

Please, how can I go about this?
1
0
283
Oct ’24
Exporting/storing user HealthKit data for analytics in database
I am having trouble finding clear information about this. I want my app to collect and aggregate user data to provide useful analytics to the user and userbase. Can data accessed from HealthKit be stored on a database outside the Apple ecosystem and used for analytics? The data will not be used for marketing and will not be shared. It will be used only for the benefit of the user's understanding of their health and for the community that uses the app. If not, what if the data is anonymized first before being exported to a 3rd party database?
0
0
231
Oct ’24
Local Network policy for applications coming in macOS 15.0
Hi, I upgraded my macOS to 15.0. I work with maven in my environment. Normally, while running tests with maven in my environment in Sonoma 14.5, I was connecting to my test database environment with the postgresql library in the background. But after the upgrade, I realized that maven could not do this. After some research, I saw that this policy for applications was newly added at https://support.apple.com/en-us/121011. So, starting from 15.0, we have to allow "Local Network" usage for each application. But when I run the "mvn test" command from the terminal, it does not ask me if I allow Local Network usage and that's why my mvn test gets an error. But in normal applications, the same transaction works differently; for example, if I use the terminal of VSCode.app, it pops up a popup asking if I allow it and I allow it. Then, I see that this application has been added under Local Network. I definitely think there is a bug here. Even though I allowed the postgresql jdbc driver with the "socketfilterfw" command, it doesn't work. Even though I allowed maven, it doesn't come under "Local Network applications".
1- Here, there definitely needs to be an option to add an application to the "Local Network" screen.
2- We need to define the "Local Network" usage authorization for all my applications or the relevant user with a single permission.
The worst part here is for CI servers. There are too many application runtimes in CI. It is unnecessary to bother with authorizing all of them here.
4
0
263
Oct ’24
Keychain Access
Yes, there is a Keychain Access app available on Sequoia (in System/Library/CoreServices/Applications), but it is not the old one; secure notes can neither be created nor retrieved. All of my old secure notes appear to be lost. Yes, I can make new secure notes in the Notes app, but my old secure notes cannot be transferred because they no longer exist.
2
1
313
Oct ’24
POSIX sendto fails due to Sequoia's new LAN Privacy & Security permission request
PLATFORM AND VERSION
iOS
Development environment: Xcode Version 16.0 (16A242d), macOS 15.0 (24A335)
Run-time configuration: macOS 15.0 (24A335)

DESCRIPTION OF PROBLEM
macOS Sequoia has new Privacy & Security requirements for local area network access. This causes a call to POSIX socket function 'sendto' to fail immediately with EHOSTUNREACH on the first execution of any app that calls it. That failure occurs even if the socket is set to block for well over the time that it would typically take for the user to click "Allow" when presented with a system dialogue box that requests new permissions for the app.

A test Xcode project has been provided that is capable of reproducing the issue (see macOSsocketfail.zip at https://drive.google.com/file/d/14VxkT03ddm48RCXikLHf-aWgdqxwnpAB/view?usp=sharing). It will generate a log file that contains time-stamped messages. They report each step in the creation of a blocking UDP socket – and which system call has failed as a result of which error. The message time stamps demonstrate that macOS has terminated the sendto function call after tens of microseconds, well before the 5 minute timeout on the socket, and that it terminates with errno EHOSTUNREACH. That error is misleading, because the destination is pingable on my setup at the time of execution. The second execution of the app functions without error if "Allow" has been selected during the first run.

This specific macOS behaviour does not appear to be documented anywhere that I have yet encountered; e.g. the sendto man page, the Privacy & Security LAN FAQ, etc. It is, however, highly disruptive to the use of our product, which hinges on LAN access. We have a situation in which a relatively large collection of apps are using the same shared library to manage network access. All of them must now receive manual permission from an administrator to work; but all of them will fail on their first execution. The problem is amplified because our customers use our framework to build their own apps, and not every user is an administrator. In contrast, apps that use our framework would simply work without issue on their first execution when run on macOS versions that precede Sequoia.

We must support our software across multiple platforms, hence the reason that we are using POSIX function calls to implement networking. Unfortunately, the use of an Apple-specific networking API is not a viable solution for us. How should we mitigate this problem? Is there some way to configure an Xcode project so that the build product will already have Sequoia LAN permissions? I have read about the com.apple.developer.networking.multicast entitlement, but it is unclear whether it will help us, from the material that is available.

STEPS TO REPRODUCE
POSIX function call sequence

For the following, addr has type struct sockaddr_in, and it is set appropriately for binding or broadcasting using standard library macros and functions. &addr is cast to a const struct sockaddr pointer and assigned to saddr.

    sock = socket( PF_INET, SOCK_DGRAM , 0 ) ;
    bind( sock, saddr, sizeof( addr ) ) ;
    r = 1 ;
    setsockopt( sock, SOL_SOCKET, SO_BROADCAST, &r, sizeof( r ) );
    struct timeval timeout = { 300 , 0 };
    setsockopt( sock , SOL_SOCKET , SO_RCVTIMEO , &timeout , sizeof( timeout ) );
    sendto( sock, msg, strlen( msg ) + 1, 0, saddr , sizeof( addr ) ) ;

Test program, presuming that a device with IP 100.1.1.1 exists on the LAN that the mac is also connected to.

1. Open Xcode project macOSsocketfail.
2. Build project.
3. Execute first run of macOSsocketfail.app.
4. Click "Allow" when asked for LAN permissions.
5. Search for macOSsocketfail_log.txt, and make a copy with a distinct name e.g. macOSsocketfail_log_firstrun.txt.
6. Execute second run of macOSsocketfail.app.
7. Search for macOSsocketfail_log.txt, and make a copy with a distinct name e.g. macOSsocketfail_log_secondrun.txt.
8. Examine log files.

The first run log file will contain the following messages (time stamping will naturally differ):

    1727710614.064009: Running udptest
    1727710614.064015: Creating socket
    1727710614.064030: Bind socket to port: 4000
    1727710614.064061: Enable socket broadcast
    1727710614.064064: Set socket timeout to 300.000000sec
    1727710614.064067: Attempt to send blocking UDP connection packet to 100.1.1.1:589
    1727710614.064124: sendto: No route to host Error during call to sendto: errno is EHOSTUNREACH: No route to host

The second run log file will record a different outcome:

    1727713660.733431: Running udptest
    1727713660.733436: Creating socket
    1727713660.733451: Bind socket to port: 4000
    1727713660.733476: Enable socket broadcast
    1727713660.733479: Set socket timeout to 300.000000sec
    1727713660.733482: Attempt to send blocking UDP connection packet to 100.1.1.1:589
    1727713660.733540: Ran to completion with no error detected

Note that each line of the log files begins with a timestamp. The unit is seconds, and the resolution is to the nearest microsecond. Time values are obtained using gettimeofday().

RELEVANT LINKS
https://developer.apple.com/forums/thread/663858
https://forums.developer.apple.com/forums/thread/757824
https://developer.apple.com/forums/thread/760964
https://developer.apple.com/documentation/bundleresources/entitlements/com_apple_developer_networking_multicast/
https://developer.apple.com/forums/thread/657887
https://developer.apple.com/forums/thread/655920
3
0
262
Oct ’24
Bluetooth permission dialog in iOS18
On the OS18 build in Xcode16 of my app, user is no longer asked for Bluetooth permissions. On the current market build, the user is asked for Bluetooth permissions at startup along with Siri and notifications permissions. The Siri and notification prompts still display, but not the Bluetooth. I can't find any Bluetooth permission related changes in the release notes and nothing in the code or the info.plist has changed and "Privacy - Bluetooth Always Usage Description" is listed as expected. I now get a "Allow "xxxz" to find devices on local networks?" But not the Bluetooth permission dialog. Does anyone know why this is happening or how to fix it?
1
0
373
Oct ’24
How can the owner access a zone he shared on cloudkit?
Using this Apple repository as a basis https://github.com/apple/sample-cloudkit-zonesharing I created and verified the shared zone and the same zone is private for the person who shared it and shared for the person who received it, so aren't they the same zones? [same zone but different id?] I can make the person who shared the zone (owner) access the zone as a .shared scope just like the person who was shared.
1
0
211
Oct ’24
help with "App is Requesting to Bypass System Private Window Picker" alert
I have a macOS app in production, supporting all macOS versions since 10.15 (Catalina) thru Sequoia. One aspect of the app's functionality is to screen capture the entire screen, including all windows. Starting with Sequoia, my users are receiving a scary system alert saying: "SomeApp" is requesting to bypass the system private window picker and directly access your screen and audio. This will allow SomeApp to record your screen and system audio, including personal or sensitive information that may be visible or audible. I have several questions and concerns about this alert. First of all, as a developer, this is frustrating, as I am using documented, long-standing system APIs, and made no change to my code to cause this warning. Second, nothing in my app records audio in any fashion, and yet the user is made to think I am trying to furtively bypass security controls to record audio, which is absolutely false. The alert seems to be due to the screen capture feature, which is one of the main features of the app, which the user explicitly requests and grants permission for. But to get to the point of the question: is there any definitive documentation anywhere describing exactly which API's trigger this alert? I can't find first-party information from Apple, so I'm kind of guessing in the dark. Searching the internet for all the info I can find (mostly from blog posts of developers and beta-testers), it seemed like the culprit in my code was probably a call to CGWindowListCreateImage, so I spent some time forking the code paths in my app (since I still support back to 10.15) to use the more modern ScreenCaptureKit APIs on systems that support it. But the alert is still appearing, despite not calling into that API at all. Is there a way of calling the modern ScreenCaptureKit APIs that also triggers this alert? 
As an example, I'm using a snippet like this to get the shareable displays I need:

    do {
        try await SCShareableContent.excludingDesktopWindows(
            false,
            onScreenWindowsOnly: false
        )
        return true
    } catch {
        return false
    }

Is it possible that this code is triggering the alert because I'm not excluding desktop windows and asking for all windows? To sum up, I (and I'm guessing others) could really use some definitive guidelines on exactly which APIs trigger this alert, so that we can migrate and avoid them if possible. Can anyone provide any guidance on this? Thanks in advance!
4
0
2.1k
Oct ’24
error sharing url on cloudkit share
I'm studying sharing through this link. I followed the first steps by changing the bundle identifier of the project, the tests and placing my own container in the config and in the info.plist. https://github.com/apple/sample-cloudkit-zonesharing The app appears and in the log it appears that it has managed to access my iCloud, but when I click on share and share something, the following message appears in the console, on the simulator and on the iPhone:

    "No options were found, providing default value for access type"
    "No options were found, providing default values for permissions"
    "connection invalidated"

And finally, when I click on the shared link, the following message appears: "Item unavailable The owner stopped sharing, or you don't have permission to open it."
0
0
229
Sep ’24