I'm having trouble opening files residing on a custom filesystem implemented as a kext via sandboxed apps.
Preview.app is one such example.
The app launches, but it won't display file contents.
In system log files I'm seeing entries related to com.apple.foundation.filecoordination:claims with no error messages to indicate a possible reason why file contents aren't being displayed.
Non-sandboxed apps, such as GoogleChrome.app do not exhibit such behaviour.
The kext is unsigned and running in an environment with SIP disabled and Security Mode reduced to Permissive.
What is required for a 3rd party filesystem kext to integrate with sandboxed apps?
Any pointers and/or assistance would be greatly appreciated.
General
RSS for tagPrioritize user privacy and data security in your app. Discuss best practices for data handling, user consent, and security measures to protect user information.
Post
Replies
Boosts
Views
Activity
Our company has multiple developers, but when Apple issues a new user agreement, only one person in the company can agree. Is there a way to have multiple legal binding authorities in a company?
I don't want just one person to have the authority and I don't want to lose the ability to update our apps if that one person hasn't submitted all of the formal paperwork.
I want to reset the permission state of location services to "notDetermined" (CLAuthorizationStatus) while developing.
But using the command below gives me this error:
$ tccutil reset CoreLocation
tccutil: Failed to reset CoreLocation
same goes for
$ tccutil reset [my bundleId]
tccutil: Failed to reset CoreLocation approval status for [my bunldeId
Anyone know the reason for this?
A call to the API SecKeyGeneratePair in SecureEnclave for iOS18 returns an OSStatus 0 but the SecKeyRef is not present.
Understand that this API is currently deprecated and there are plans to move to the new APIs, but I believe this API should still work in iOS18 as expected for now.
The API works as expected on iPadOS 18.
// Create SE key
let sacRef = SecAccessControlCreateWithFlags(kCFAllocatorDefault,
kSecAttrAccessibleAfterFirstUnlock,
.privateKeyUsage, nil)!
let privKeyAttr = [
kSecAttrAccessControl: sacRef,
kSecAttrIsPermanent: true,
] as NSDictionary
os_log("Priv key params: %{public}@", log: osLogger, privKeyAttr)
let keygenAttr = [
kSecAttrApplicationLabel: attrApplicationLabelSeKey,
kSecAttrTokenID: kSecAttrTokenIDSecureEnclave,
kSecPrivateKeyAttrs: privKeyAttr,
kSecAttrKeyType: kSecAttrKeyTypeEC,
kSecAttrKeySizeInBits: 256
] as NSDictionary
var error: Unmanaged<CFError>?
os_log("keygen params: %{public}@", log: osLogger, keygenAttr)
var keyRef: SecKey?
let status = SecKeyGeneratePair(keygenAttr,
&keyRef,
nil)
os_log("SecKeyGeneratePair osStatus: %{public}d, keyRef: %{public}@", log: osLogger, status, keyRef == nil ? "null" : "ref present")
On macOS 15, if a program installed in /Applications is allowed to connect to a PostgreSQL server on another machine on the local network, a program launched in debug mode from Xcode is not allowed to connect to the local network, and no prompt appears.
Although it is possible to turn off registered programs in Local Network Privacy in Beta 2, permissions for programs launched from Xcode cannot be obtained at all.
Does anyone know how to solve this problem?
I set up my app very similar to the sample app, putting the Service UUID in the plist and descriptor, I am able to see the picker but when my device is advertising, it doesn't seem to be responding to it. I see it stuck on "Discovering" and then it times out saying "Make sure the accessory is nearby and ready to connect". I also noticed that when I remove the ASK code but leave in the ASK fields in the info plist, my CBManagerAuthroization state is always "not determined". Can anyone help me troubleshoot these 2 issues? Perhaps they are related?
Hi,
I have a package which is signed and notarized. Still I get the warning message to "Allow/Deny" the "Accept incoming network connections" when I launch the application. I could see that the application is present in the firewall exceptions list. Please find the attached screen shots.
regards
Prema Kumar
We are implementing just-in-time account creation using Platform Single Sign-on. After creating the account, we are registering the user with PSSO and we want to ensure that the IDP account used for account creation matches the IDP account used in the user registration flow.
An easy way to do this appears to be using loginUsername on the ASAuthorizationProviderExtensionLoginManager object. loginUsername gets set during account creation and then we can check what the user is entering during registration.
The documentation, however, marks this attribute as deprecated. There is no indication of what could be used instead. Is there some other value we could look at? Does Apple have a plan to introduce a preferred API option?
Thanks!
Why is it that after hiding an app, it can still be seen in many places in the settings, such as:
Settings -> General -> iPhone Storage
Settings -> private and security -> Pemissions
Settings -> Search
Settings -> Siri -> Siri APp Access -> Apps
Additionally, in the App Store, the hidden app still shows as downloaded.
Moreover, global searching for the full name of the app in global search also reveals the app and allows it to be opened.
Why isn't the hiding more thorough? Is this a bug or intentionally designed this way?
It is clearly stated here that automatically created passwords are 20 characters long, contain 2 hyphens and exactly one uppercase letter and one digit.
I have only ever seen generated passwords where the arrangement is in 3 groups of 6 (separated by the hyphens).
From the description in the page referred to above, it could be that the generated password might look like:
nzomZhf-qnbqd-k8ibtt
i.e., a 7-5-6 pattern
This would comply with the definition (if that's what it is) on the aforementioned Support page.
Is it guaranteed that auto generated passwords will conform to the 3 groups of 6 pattern?
Is the method used to unlock an iOS device available to an app? We would like to require a step-up to MFA (in our app) if passcode was used and allow for single factor if Face ID was used.
$ tccutil reset All
This command resets the other permissions (i.e. camera, microphone) but doesn't reset the Local Network permission.
OS: macOS 15.0
We develop an SDK that requires sharing a device-specific identifier with our web API, in order to guarantee that certain artifacts are only used on the correct device. For the device-specific identifier, we use UIDevice.currentDevice.identifierForVendor which should not be restricted under ATT.
In production, many developers are getting back to us with complaints of web requests being blocked:
nw_endpoint_handler_path_change [C1 [our url]:443 waiting parent-flow (satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi)] blocked tracker
Connection 1: received failure notification
Connection 1: failed to connect 1:50, reason -1
Connection 1: encountered error(1:50)
Task <FA03088C-DDFC-437E-A06F-E05CC930E3E0>.<1> HTTP load failed, 0/0 bytes (error code: -1009 [1:50])
Task <FA03088C-DDFC-437E-A06F-E05CC930E3E0>.<1> finished with error [-1009] Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={_kCFStreamErrorCodeKey=50, NSUnderlyingError=0x3031118f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1009 "(null)" UserInfo={_NSURLErrorBlockedTrackerFailureKey=true, _kCFStreamErrorDomainKey=1, _kCFStreamErrorCodeKey=50, _NSURLErrorNWPathKey=satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <FA03088C-DDFC-437E-A06F-E05CC930E3E0>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
"LocalDataTask <FA03088C-DDFC-437E-A06F-E05CC930E3E0>.<1>"
), NSLocalizedDescription=The Internet connection appears to be offline., NSErrorFailingURLStringKey=..., NSErrorFailingURLKey=..., _kCFStreamErrorDomainKey=1}
Interestingly, I've made a few observations:
The blacklist seems to be persistent, across devices.
The blacklist stays in place regardless of whether we send no identifiable data in the web request (in fact, an empty ping request to our URL still gets blocked)
The only way to get past the block is to use ATT, and request from the user that we track them across websites. This is false, because we don't track any user data whatsoever; and iOS disables ATT by default (in the settings app, users have to opt-in).
Our iOS SDK already has an xcprivacy manifest mentioning the fact that we use a device-specific identifier, and that we send it to our web API URL. Still, we get blocked.
How can we fix this? We can standup a proxy URL but I'd imagine it's only a matter of time before that also gets blocked. Apple has not provided any guidance on the specifics of how domains get blocked, and how they can be unblocked.
I saw this sentence in the documentation at https://developer.apple.com/documentation/bundleresources/information_property_list/nsrequirescertificatetransparency: 'Don’t use this key. The current system enforces this behavior, and new certificates can’t meet the requirement on older systems.'
I understand that new systems will enable CT (Certificate Transparency) verification by default. However, I created a new demo to verify this on an iOS 13 device, and CT verification was not actually enabled.
I’ve been trying to solve this for some time And wondering if anyone else has come across this.
using att framework and receiving user consent to use IDFA. is It possible to know when a user has entered another app on the same device ?
flow:
user consents to att framework in App 1 on iPhone
user opens app 2 on iphone
will app 1 know that user has opened App 2?
Hi,
My app features its own lock screen secured by Face ID or Touch ID. With the introduction of the locked app feature in iOS 18, I want to ensure that users do not experience duplicate lock screens. Could you please advise on how to detect if the locked app feature is enabled in iOS 18, so I can disable my app's internal lock screen when necessary?
Thank you!
Hi,
Are there any samples that IdP vendors can use to add support for Platform SSO in their solutions?
I found this link: https://developer.apple.com/documentation/authenticationservices/platform_single_sign-on_sso/creating_extensions_that_support_platform_sso, which explains how to implement the extension on a device. However, I am having trouble understanding what needs to be implemented on the IdP itself from this documentation.
Does anyone have any links or resources that can help?
Thank you,
Bala
I am implementing passkeys for my Project. We hosted apple-app-site-association file in 2 different sites for my project maintenance. One is with ww.sitename.com and another is www3.sitename.com.
In Xcode adding each of them and testing individually. It's working good at first site and throwing error for second one like below
Application with identifier <> is not associated with domain <>
import AppleProvider from 'next-auth/providers/apple';
export const appleProvider = AppleProvider({
name: 'Apple',
clientId: process.env.NEXT_PUBLIC_APPLE_CLIENT_ID as string,
clientSecret: process.env.NEXT_PUBLIC_APPLE_CLIENT_SECRET as string,
idToken: true,
authorization: {
url: 'https://appleid.apple.com/auth/authorize',
params: {
clientId: process.env.NEXT_PUBLIC_APPLE_CLIENT_ID as string,
scope: 'openid email name',
response_type: 'code',
response_mode: 'form_post',
},
},
token: {
url: 'https://appleid.apple.com/auth/token',
async request(context) {
console.log('----context', { context });
const url =
https://appleid.apple.com/auth/token +
?code=${context.params.code} +
&client_id=${context.provider.clientId} +
&client_secret=${context.provider.clientSecret} +
&redirect_uri=${context.provider.callbackUrl} +
&grant_type=authorization_code;
const response = await fetch(url, {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
});
console.log('----response', { response });
const tokens = await response.json();
console.log('----tokens', { tokens });
return { tokens };
},
},
});
Hello,
The man page for xpcservices.plist states that:
Services embedded in an application bundle will only be visible to the containing application (...)
What exactly "visible" means? Doest that mean that there is a mechanism to prevent other programs than the embedding application to access the XPCService's mach port or it just means that the XPCService is not listed (e.g. launchctl list) and if attacker can guess the mach port they can access it?
I'm asking to understand if there is a security gain using the -[NSXPCConnection setCodeSigningRequirement:] for embedded XPCServices.