User Profile

I have a framework in my project that is composed of a main framework binary, with a number of dylibs that it depends on bundled with it: MyFramework.framework/ Versions/ A/ Frameworks/ foo.dylib bar.dylib Resources/ ... MyFramework _CodeSignature/ ... It is signed to run locally before being bundled into my main app project. Unfortunately, when embedding and signing the framework into my app, codesign is skipping re-signing the dylibs, which causes my hardened app to reject them from being loaded. Am I doing something wrong, or is this a bug?

The app I'm working on has a document format that allows references to other, external documents/images/etc that are not necessarily stored adjacent to the actual document file, nor bundled alongside it. I understand that the recommendation here would be to use document-scoped security bookmarks for each file (and then store that bookmark so that I don't have to ask again), but this is going to be a really invasive experience for the user to have to individually approve access to each of these linked files. Is there any approach I can take here that would let the user review a list of these files for approval, rather than doing it one-by-one?

I'm in the process of enabling sandboxing, and the hardened runtime for my app, and I'm trying to share some files written my a group container shared by my main application, and an XPC service that it bundles.Unfortunately, any files or directories I create in the group container have com.apple.quarantine set on them.It doesn't seem to matter if I use NSFileManager API to create folders/files, or use an external tool like /usr/bin/ditto.Is there any way to prevent this?