Post not yet marked as solved
Post marked as unsolved with 7 replies, 4,519 views
We see warnings like this logged by our processes using XPC:
(Foundation) [com.apple.runtime-issues:Foundation] *** -[NSXPCDecoder validateAllowedClass:forKey:]: NSSecureCoding allowed classes list contains [NSObject class], which bypasses security by allowing any Objective-C class to be implicitly decoded. Consider reducing the scope of allowed classes during decoding by listing only the classes you expect to decode, or a more specific base class than NSObject. This will become an error in the future. Allowed class list: {(
"'NSObject' (0x7ff844ee0d88) [/usr/lib]"
)}
As far as we can see, there is no explicit NSObject in allowed classes for any XPC connection. Where does this list and NSObject come from?