Why can a forked process not access the keyring?

In the Python keyring project, the project has encountered an error invoking the SecKeychainFindGenericPassword API function in a forked process.


We've gotten as far as replicating the problem outside of the keyring project in a native app.


As you can see in that example, a simple Objective-C application replicates the issue - the child raises a signal 11 when attempting to query the keyring in a child process.


Is there a way to safely initialize a child process to support invoking the security APIs?

Replies

Looking at the test code you posted, it seems that you are fork’ing without exec’ing. This generally doesn’t end well on macOS. The problem is that most of our high-level system services rely on Mach messaging, and Mach messaging gets very confused in this state. macOS only supports fork without exec as far as is necessary to get Posix programs up and running.

IMPORTANT This is not specific to the keychain API. Any API, except the very lowest level stuff in the System framework, is likely to hit similar problems.

Is there a way to safely initialize a child process to support invoking the security APIs?

Yep. Just call exec (-: Seriously though, UNIX-y programs tend to get around this restriction by exec’ing themselves after a fork, supplying a special command-line argument so that main knows to enter an “I’m here to respond to keychain requests” mode.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
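The fork-then-exec-yourself pattern described in the reply above, sketched in Python as an added example (not code from the thread or from the keyring project). The flag name `--keychain-helper`, the exit code and the function names are assumptions for illustration; the lookup uses the keyring package's `keyring.get_password`.

```python
import os
import sys

HELPER_FLAG = "--keychain-helper"  # hypothetical flag name, not from the thread
NOT_FOUND = 3                      # hypothetical exit code for "no such item"


def helper_main(service, account):
    """Runs in the freshly exec'ed process, where system services work normally."""
    import keyring  # imported only after exec, never in the forked-only child
    secret = keyring.get_password(service, account)
    if secret is None:
        return NOT_FOUND
    sys.stdout.write(secret)  # the secret travels over the pipe, not argv
    return 0


def get_password_via_exec(service, account):
    """Fork, exec this same script in helper mode, read the result from a pipe."""
    read_fd, write_fd = os.pipe()
    pid = os.fork()
    if pid == 0:
        # Child: only wire up stdout and exec. No keychain or framework calls here.
        try:
            os.close(read_fd)
            os.dup2(write_fd, 1)
            os.close(write_fd)
            os.execv(sys.executable, [sys.executable, os.path.abspath(__file__),
                                      HELPER_FLAG, service, account])
        finally:
            os._exit(127)  # reached only if exec itself failed
    os.close(write_fd)
    with os.fdopen(read_fd, "rb") as pipe:
        data = pipe.read()
    _, status = os.waitpid(pid, 0)
    code = os.WEXITSTATUS(status) if os.WIFEXITED(status) else -1
    if code == NOT_FOUND:
        return None
    if code != 0:
        raise RuntimeError("keychain helper failed with status %d" % code)
    return data.decode("utf-8")


# main dispatches on the special argument, as the reply suggests.
if __name__ == "__main__" and len(sys.argv) == 4 and sys.argv[1] == HELPER_FLAG:
    sys.exit(helper_main(sys.argv[2], sys.argv[3]))
```

The service and account names are passed on the command line and are visible in process listings; only the secret itself is kept off argv.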