User Profile

This is new Catalina behavior. The file access error described below never happened on Mojave and High Sierra.My sandboxed Mac App store app includes a sandboxed XPC helper service in its app bundle.The XPC helper service has the standard entitlements: com.apple.security.app-sandbox and com.apple.security.inheritThe host app creates a document file in its own sandbox container's Caches directory. After the save operation completes,it invokes a method on the XPC service, sending the document's URL. That method on the XPC service tries to open and read the document file at that URL.Error Received: The file couldn’t be opened because you don’t have permission to view it. Permission denied.So then I tried an experiment where the user would select a folder for the XPC service to put files using NSSavePanel.The document was then written there by the host app.XPC service could not open the file either. The file couldn’t be opened because you don’t have permission to view it. Permission denied.In both instances, the XPC service did not "inherit" the sandbox state of its host app. This violates the com.apple.security.inherit entitlement.The radar report is: FB7450619