Embedding a command-line tool in a sandboxed app for NativeMessaging

When following this guide https://developer.apple.com/documentation/xcode/embedding-a-helper-tool-in-a-sandboxed-app I cannot run the embedded binary.

I'm getting this error: "zsh: trace trap"

I would like to be able to use the embedded binary for NativeMessaging with, for example, Chrome, but I can't figure out how to allow it to be executable even with sandboxing enabled.

How are Strongbox able to do this with their afproxy executable?

Replies

When following this guide … I cannot run the embedded binary.

Are you trying to run this tool from your app, by spawning a child process?

Or are you trying to run it from the shell?

That matters because of sandbox inheritance:

  • If you want to run the tool as a child of your app, you must sign your code with both the com.apple.security.app-sandbox and com.apple.security.inherit entitlements, as described in that doc.

  • If you want to run the tool from a shell, you must sign it with com.apple.security.app-sandbox only.

The latter is tricky, because you have to give your tool a bundle ID so the system knows how to create its container. You can do this in one of two ways:

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
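
The two signing cases in the reply above can be checked before shipping. This is an added example, not code from the thread or from Apple: it parses an entitlements property list (for instance the XML printed by `codesign -d --entitlements - --xml <tool>` on recent macOS) and reports mismatches for the intended launch mode. The function name, the mode labels and the sample plists are constructed for illustration.

```python
import plistlib

SANDBOX = "com.apple.security.app-sandbox"
INHERIT = "com.apple.security.inherit"


def check_entitlements(plist_bytes, launch_mode):
    """Return a list of problems for a tool launched as 'child' or 'shell'.

    'child' = spawned by the sandboxed app, 'shell' = run directly by the user.
    Both labels are hypothetical names for the two cases in the reply.
    """
    if launch_mode not in ("child", "shell"):
        raise ValueError("launch_mode must be 'child' or 'shell'")
    ents = plistlib.loads(plist_bytes)
    problems = []
    # A key that is present but set to false does not count as enabled.
    if ents.get(SANDBOX) is not True:
        problems.append(f"{SANDBOX} is missing or not true")
    has_inherit = ents.get(INHERIT) is True
    if launch_mode == "child" and not has_inherit:
        problems.append(f"{INHERIT} is required for a child of the app")
    if launch_mode == "shell" and has_inherit:
        problems.append(f"{INHERIT} must not be set for a tool run from a shell")
    return problems


# Constructed sample entitlements, not taken from any real binary.
CHILD_SIGNED = plistlib.dumps({SANDBOX: True, INHERIT: True})
SHELL_SIGNED = plistlib.dumps({SANDBOX: True})
UNSANDBOXED = plistlib.dumps({})

if __name__ == "__main__":
    for name, blob in [("child-signed", CHILD_SIGNED),
                       ("shell-signed", SHELL_SIGNED),
                       ("unsandboxed", UNSANDBOXED)]:
        for mode in ("child", "shell"):
            issues = check_entitlements(blob, mode)
            print(f"{name} as {mode}: {'OK' if not issues else issues}")
```

A tool signed for one launch mode fails the check for the other, which is the mismatch the reply asks about.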