Hello,
We have a sandboxed app in App Store. It does scans at some point and one of them is checking if a browser is running. e.g. check if "Google Chrome" is running. We use a third party library to do the scan. Apparently, the library calls process-info-listpids and it is denied access. That's why the scan to check if Chrome is running fails.
Here are some of the Console logs (replaced the app name/signing info etc with placeholders) :
Sandbox: APPNAME(40905) deny(1) process-info-listpids
Violation: deny(1) process-info-listpids
Parent Process: debugserver [40906]
MetaData: {"flags":5,"responsible-process-user-uuid":"UUIDNUMBER","hardware":"Mac","pid":40905,"errno":1,"profile-flags":0,"responsible-process-path":"PATHTOPROCESS","summary":"deny(1) process-info-listpids","profile-in-collection":false,"uid":501,"responsible-process-uid":501,"platform-binary":false,"operation":"process-info-listpids","signing-id":"SIGNINGID","team-id":"TEAMID","apple-internal":false,"container":"CONTAINERPATH","build":"Mac OS X 10.15.4 (19E287)","action":"deny","process-path":"PROCESSPATH","platformbinary":"no","process":"PROCESSNAME","platform-policy":false}
The app has access to root directory as we ask for it from user using NSOpenPanel; so no problem with access to folders.
Is there an entitlement to solve this issue?
We have a sandboxed app in App Store. It does scans at some point and one of them is checking if a browser is running. e.g. check if "Google Chrome" is running. We use a third party library to do the scan. Apparently, the library calls process-info-listpids and it is denied access. That's why the scan to check if Chrome is running fails.
Here are some of the Console logs (replaced the app name/signing info etc with placeholders) :
Sandbox: APPNAME(40905) deny(1) process-info-listpids
Violation: deny(1) process-info-listpids
Parent Process: debugserver [40906]
MetaData: {"flags":5,"responsible-process-user-uuid":"UUIDNUMBER","hardware":"Mac","pid":40905,"errno":1,"profile-flags":0,"responsible-process-path":"PATHTOPROCESS","summary":"deny(1) process-info-listpids","profile-in-collection":false,"uid":501,"responsible-process-uid":501,"platform-binary":false,"operation":"process-info-listpids","signing-id":"SIGNINGID","team-id":"TEAMID","apple-internal":false,"container":"CONTAINERPATH","build":"Mac OS X 10.15.4 (19E287)","action":"deny","process-path":"PROCESSPATH","platformbinary":"no","process":"PROCESSNAME","platform-policy":false}
The app has access to root directory as we ask for it from user using NSOpenPanel; so no problem with access to folders.
Is there an entitlement to solve this issue?