In one of the applications that I develop, since version 9.3 of Xcode, an embedded target binary that is launched from the main application using NSTask now fails to launch with the following error message:
Sandbox: [AppName(App PID)] deny(1) forbidden-sandbox-reinit
I couldn't find much information about it and it's not clear what change happened in Xcode 9.3 (also happens in 9.4 beta 1) that causes this to fail.
It sounds like you have entitlement issues. If you embed a executable within a sandboxed app it must have the
com.apple.security.app-sandboxcom.apple.security.inheritI recommend that you dump the entitlements of your built binary to see what’s what. You can learn more about that in Technote 2415 Entitlements Troubleshooting.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"[1] The other options is to have no entitlements, which is a compatibility path that gives you the same behaviour, but my experience is that this is frowned upon by the App Store submission machinery.
the key is … "and only those entitlements"
Yeah, that trips up a lot of folks, so much so that I finally got around to writing it up in the official docs: Embedding a Command-Line Tool in a Sandboxed App.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"