We have managed to get the endpoint security framework working using the sample code and WWDC2020 video in developer mode and with sip disabled.
We have couple of questions here:
The documentation says it is a c library. We already have a daemon and we would like to integrate this functionality into our daemon. Can we use this through a launchctl daemon without using the app template and extension template?If it is possible, what else is needed apart from the entitlement in a production environment?
If we use a system extension template,how does an enterprise admin get around the user prompts for allowing system extensions ? Is there a way to grant full disk access by the admin without user intervention?