I have requested an Endpoint Security entitlement through this form:https://developer.apple.com/contact/request/system-extension/How can I see that my request is done?How can I check that I am able to use this entitlement?Is it should be listed in my App ID Configuration Capabilities?
Post not yet marked as solved
Steps to reproduce: In XCode, create a new Command Line Tool Project.
Fill the main.cpp file with this code:
cpp
#include csignal
#include iostream
namespace
{
volatile std::sig_atomic_t gSignalStatus;
}
void signal_handler(int signal)
{
gSignalStatus = signal;
}
int main()
{
// Install a signal handler
std::signal(SIGINT, signal_handler);
std::cout "SignalValue: " gSignalStatus '\n';
std::cout "Sending signal " SIGINT '\n';
std::raise(SIGINT);
std::cout "SignalValue: " gSignalStatus '\n';
}
Actual output:
SignalValue: 0
Sending signal 2
SignalValue: 0
Expected output:
SignalValue: 0
Sending signal 2
SignalValue: 2
Is it possible to drag and drop files from my application, NSTableView instance to "Security & Privacy" Preferences pane?
What type of data should be in pasteboard?
I tried NSPasteboardTypeFileURL, but it not acceptable by the pane.
Post not yet marked as solved
I am playing with endpoint security. I trying to implement block/allow user to read/write files on a USB media drive. I made my ep utility as launchctl daemon. I found that some applications couldn't start until I mute those processes for ep_client.
Moreover, some system processes couldn't start until I mute messages from them. And even more, if my utility autoruns on system start, the clock on the top right corner of the screen may be absent. The Terminal app couldn't restore its state, it hangs on start.
Actually, I came to that, my EP daemon should listen to very few processes. Those processes that can read/write files on USB media, and do it by user request. Or under user control.
When KAUTH was not deprecated, I did it right in the kernel extension: if the vnode path is NOT on a removable drive, return DEFER at the beginning of callback.
My question is:
What processes are pure system?
What system processes can read/write files for user or under user control?
Does, for example, /usr/libexec/nsurlsessiond can download a file for user to the USB media?
I wrote a C++ command-line tool by using XCode.My tool crashes sometimes, with a crash report being generated.How can I include Version of my command-line tool in crash report?Now the Version is always 0.
Post not yet marked as solved
Kauth and Finder window update.I have a kernel authorization extension (kauth). It can allow or disallow read files from removable media.When it allows reading files, I open the Finder window on removable media folder, I see the list of files.Then I make a command to my kauth to disallow to read files and list and search. My kauth returns KAUTH_RESULT_DENY for KAUTH_VNODE_LIST_DIRECTORY and KAUTH_VNODE_READ_DATA actions.But in Finder window, I still see a list of files.I invoke [[NSWorkspace sharedWorkspace] noteFileSystemChanged: path] in my daemon, but it does not help.How could I say to Finder to reload the list of files?
Hello.I am developing a network kernel extension and would like to use 'inet_ntop' function in my code.But once I try to load my kext, the system writes me a message that says that the symbol 'inet_ntop' is unresolved.My kext is IOKit based. If I use a generic kext template, kext loads successfully.Is it possible to use 'inet_ntop' function in IOkit based kexts?What other symbols have the same problem?
On the kernel level, how can I define, that vnode is on removable media?I would like that my kernel authorization kext worked only for USB drives.
I am developing a kernel extension for macOS.How can I read kernel logs after computer restart?What is the best way for logging from kernel: printf, IOLog, os_log?
Is there an API for interacting with SAMBA server?Can I upload and download files via SMB protocol by using NSURLConnection?My current solution is getting samba sources, build libsmbclient from them, and use it.But is there a simplest solution? What library is using by Finder?
DanilKorotenko.