After installing a product that contains a system extension on a 10.14 device, a dialog shows at the bottom of "Security & Privacy" that says "Software was blocked from loading". Here you have to option to allow the extension. However I would like to delete the application and leave the extension blocked. After deleting the application I see that the dialog still remains. How do I remove this ?

The function CFNetworkCopyProxiesForAutoConfigurationScript causes a consistent memory leak. Simplifying the code provides: var err: UnmanagedCFError? = Unmanaged.passRetained(CFErrorCreate(nil, "" as CFErrorDomain, 0, nil))     let proxiesCFArrayRef = CFNetworkCopyProxiesForAutoConfigurationScript(       script as CFString,       self.wsAsHTTPURL as CFURL,       &err     )     err?.release()     proxiesCFArrayRef?.release() Which leaks. Is this a bug in CFNetwork or is there another way of clearing the memory allocated ?

My application contains a Content Filter Network System extension. My VPN creates a null/loopback encapsulated tunnel in order to route the traffic to the vpn. I've noticed that I get FilterSocketFlows through the FilterDataProvider but I never see any tunnel traffic appearing in the FilterPacketProvider. How can the Packet provider be configured to filter tunnel traffic ? Note : I have tried only registering a PacketProvider and still dont see any traffic. Is there any documentation of proper configuration ?

I'm developing a product with a Content Filter System Extension with both NEFilterPacketProvider and NEFilterSocketProvider. What's the behavior where mutiple system extension verdicts disagree ? Specifically what happens if our extension .allows a connection and another applications system extension .denys the same connection, or visa versa.

I'm working on an ios app and I would like to play a sound in the background, through the loud speaker without this affecting other apps playing through another channel eg. bluetooth speaker. I've tried alot of combinations of AVAudioSession settings. However it seems that even when I use multiRoute category and set the required input channel, my apps audio will be interrupted if any other app plays. Settings the duckothers option allows my audio to play but this will play through whatever output channel the other apps playing through. Furthermore, if I force using the loud speakers, This forces all sound from other apps to be routed through the loud speaker. Is it possible to force your apps audio through the loud speaker while other apps use headphones ?

This question seems like it may have been asked before but I can't find the right answer. I've bundled my app into a package which is signed and notarized, but when I trying to install it a see the error : can’t be opened because Apple cannot check it for malicious software. The package has been signed: sudo pkgutil --check-signature [PKG_PATH] yields Status: signed by a developer certificate issued by Apple for distribution ... After forcing it to install I see that the installed app is also signed: sudo codesign -d --verbose=4 [APP_PATH] yields ... CDHash=4ab0ad946f99b5bc54fe5203e91be9cb596e5b82 Signature size=8970 Authority=Developer ID Application: ______ (XXXXXX) Authority=Developer ID Certification Authority Authority=Apple Root CA Timestamp=Jun 22, 2020 at 5:50:07 PM ... The bundle is also notarized: sudo spctl -a -vv [APP_PATH] yields source=Notarized Developer ID origin=Developer ID Application: ___ (XXXXX) What else could I have possibly missed ? How do I remove this error so I can install the product ?

If I install an app that includes a system extension I've noticed that when I remove this app the system extension remains.I'm removing the app with `pkgutil --forget [PKG_NAME]` and deleting dependencies.NOTE : I cannot disable SIP and have you to this remotely or via a script.BR

I have a network system extension that is a `FilterDataProvider`. It works well for successful connections to and from the host machine.Example from printing the local and remote NWHostEndpoint objects from the `handleNewFlow` function:```New flow observed : 192.168.56.1:64911->192.168.56.105:9000 (Outbound)[TCP]```However when I make a failed TCP connection from my host, a new flow is not created because the connection failed. In this case I see that the functions `handleInboundDataComplete` get called. The local address is always `0.0.0.0:0` for an outbound connection example:```0.0.0.0:0 -> 192.168.56.105:9000``Now a `tcpdump` on the remote machine shows that the connection was attempted:```12:09:16.929211 IP 192.168.56.105.9000 > 192.168.56.1.64910: Flags [R.], seq 0, ack 885948719, win 0, length 012:09:17.931356 IP 192.168.56.1.64910 > 192.168.56.105.9000: Flags [S], seq 885948718, win 65535, options [mss 1460,nop,wscale 6,nop,nop,TS val 783305121 ecr 0,sackOK,eol], length 012:09:17.931682 IP 192.168.56.105.9000 > 192.168.56.1.64910: Flags [R.], seq 0, ack 1, win 0, length 012:09:21.937581 ARP, Request who-has 192.168.56.1 tell 192.168.56.105, length 2812:09:21.937760 ARP, Reply 192.168.56.1 is-at 0a:00:27:00:00:00 (oui Unknown), length 46```Question 1 ) Is there any way of getting local address and port information from an Outbound failed connection?I also can't find how to get any notification in this framework in the case of a failed INBOUND connection.Question 2) Is there any way of getting information for failed Inbound connections?NOTE : I understand that I could use the PacketFilterProvider, but this would require complex matching between the two providers and is potentially needless processing, plus I need the pid of the process responsible for the flow (or failed flow).Thank you.