- Does the entitlement include USB device enumeration?
What do you mean by USB device enumeration? In general USB devices show up in the I/O Registry, and that’s available to all sandboxed apps, even those without the
- Which classes of USB devices are included?
I don’t think there’s any restrictions here, although you will have the usual problems with devices that are in use by the system (mass storage being the most notable example).
If you want to see what entitlements like this do, you can take a look at their use in various profiles in
/System//Library/Sandbox/Profiles. For example,
com.apple.security.device.usbis only used in
/System/Library/Sandbox/Profiles/application.sb, where it gates access to
WARNING The location and contents of these sandbox profiles is not API. It’s fine to poke around in them to get a better understanding of how the system works, but your app should not rely on their fine structure.
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"