Is there a known bug/limitation with the SecCodeCheckValidityWithErrors on OS X 10.9/10.10 when it comes to checking the validity of an app in the following case:
B is launched by launchd and runs an XPC mach service.
A is a client of this XPC mach service.
When A tries to connect to B, B checks the calling process with SecCodeCheckValidityWithErrors.
On OS X 10.9/10.10, SecCodeCheckValidityWithErrors returns -67030 (errSecCSInfoPlistFailed / invalid Info.plist (plist or signature have been modified)).
On OS X 10.11 and later, SecCodeCheckValidityWithErrors succeeds.
If a copy of B is installed outside of the A.app bundle and it's this copy that launchd starts, A can communicate with B.
[Q] Was there a bug in OS X 10.9/10.10 where SecCodeCheckValidityWithErrors would return -67030 if the XPC server is inside the MacOS folder of the XPC client?
the application A.app is a bundle.
inside Ap.app/Contents/MacOS there is an additional binary B.
B is launched by launchd and runs an XPC mach service.
A is a client of this XPC mach service.
When A tries to connect to B, B checks the calling process with SecCodeCheckValidityWithErrors.
On OS X 10.9/10.10, SecCodeCheckValidityWithErrors returns -67030 (errSecCSInfoPlistFailed / invalid Info.plist (plist or signature have been modified)).
On OS X 10.11 and later, SecCodeCheckValidityWithErrors succeeds.
If a copy of B is installed outside of the A.app bundle and it's this copy that launchd starts, A can communicate with B.
[Q] Was there a bug in OS X 10.9/10.10 where SecCodeCheckValidityWithErrors would return -67030 if the XPC server is inside the MacOS folder of the XPC client?