Operational flags attached by code signing services to running code.


struct SecCodeStatus


These flags are maintained by the code's host, and can be read by anyone. Running code may change its own flags, and root may change anyone’s flags. However, each of these flags can change in only one direction and never back, for the lifetime of the code. Not even root can violate this restriction.

All of the bits in the SecCodeStatus enumeration are reserved by Apple. If you set any bits not defined here, the behavior is undefined.



static var valid: SecCodeStatus

The code is dynamically valid.

static var hard: SecCodeStatus

The code prefers to be denied access to resources if gaining access would invalidate it.

static var kill: SecCodeStatus

The code wants to be killed (terminated) if it ever loses its validity.

static var debugged: SecCodeStatus

The code has been debugged by another process that was allowed to do so.

static var platform: SecCodeStatus

The code ships with the operating system and is signed by Apple.


Conforms To

See Also

Guest Code

Hosting Guest Code

Securely launch and manage plug-ins and other executable entities, known as guest code, from within your app acting as a host.

func SecCodeCopyGuestWithAttributes(SecCode?, CFDictionary?, SecCSFlags, UnsafeMutablePointer<SecCode?>) -> OSStatus

Asks a code host to identify one of its guests given the type and value of specific attributes of the guest code.

Null Guest Handle

Use this special value to stand in for a null guest object.

Guest Attribute Dictionary Keys

Specify attributes of guest code.

typealias SecGuestRef

A reference to a guest object, which identifies a particular block of guest code in the context of its code signing host.