Hi,
I have an authorization plugin for macOS. It uses Core BLE to authenticate the login user with a near by mobile phone.
The BLE session is denied since Monterey 12.3.
This Security Agent Plugin for macOS is using the CBPeripheralManager and implementing the CBPeripheralManagerDelegate. Since Monterey 12.3, I get the CBManagerState.unauthorized when trying to access BLE. Its a new behavior.
Anybody with insights on this?
cheers
My understanding is that Bluetooth added a user-controlled privilege in the macOS 12 timeframe. For normal apps the user gets to control access in System Preferences > Security & Privacy > Bluetooth. However, an authorisation plug-in is not a normal app — it’s a plug-in loaded by a system program — and so there’s no easy way to add it to that list.
I don’t know if it’s possible to work around this. It very much depends on how Bluetooth implemented this privilege and someone else in DTS is the expert in that issue. My advice is that you open a DTS tech support incident and we’ll get together and see what we can uncover.
Note This might take a while because I’m OOO for the winter break at the end of today.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
Thanks for your reply.
Well, it seems that I have found a work around for this problem. Using a Daemon running with sandbox capability. This way I am able to add BLE entitlement to the Daemon, and the user can grant a Bluetooth privilege. Now the authorization plug-in is sending requests by XPC to the Daemon, and the Daemon is doing the BLE stuff.
cheers sivan