NetworkExtension keychain sharing

IS it possible to have my app which starts my content filtering Network Extension access my shared keychain. They all have the same keychain access group, but my data provider can't seem to access the shared keychain access group.


Thanks,

Matt

Up vote post of shieldagematt Down vote post of shieldagematt
648 views
Posted by
shieldagematt
Reply
Add a Comment

Accepted Reply

I should … return a needs more rules and then in my Control Provider get the category of the website and block it later or allow it later? Does that sound right?

Yes. That’s exactly how the data and control providers are expected to interact.

Also is there a way to share a file with NEFilterControlProvider and the Actual Application …

I don’t know for sure. I would have assumed that the control provider and the app could share a standard app group, but I haven’t tested that.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment

Replies

Are you talking about your control provider (

NEFilterControlProvider
) or you data provider ( 
NEFilterDataProvider
)? If it’s the latter then I wouldn’t expect the shared keychain to work because the sandbox on the data provider is very tight.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Add a Comment

Thanks for the quick reply, that is probably it. Am I also safe to assume I will not be able to send out a network request from that NEFilterDataProvider to get a response on what the category of the host is from my webservices. I should probably return a needs more rules and then in my Control Provider get the category of the website and block it later or allow it later? Does that sound right?


Also is there a way to share a file with NEFilterControlProvider and the Actual Application, when they are settings things up in the Client I would like all of those settings written out to a file and then the NEFilterControlProvider read from it, is that possible?


Thanks,

Matt

Posted by
shieldagematt
Up vote reply of shieldagematt Down vote reply of shieldagematt
Add a Comment

I should … return a needs more rules and then in my Control Provider get the category of the website and block it later or allow it later? Does that sound right?

Yes. That’s exactly how the data and control providers are expected to interact.

Also is there a way to share a file with NEFilterControlProvider and the Actual Application …

I don’t know for sure. I would have assumed that the control provider and the app could share a standard app group, but I haven’t tested that.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware 

let myEmail = "eskimo" + "1" + "@apple.com"
Posted by
eskimo
Up vote reply of eskimo Down vote reply of eskimo
Post marked as solved
Add a Comment