Search results for

“codesign”

3,222 results found

Post

Replies

Boosts

Views

Activity

iOS Build Memory Access Issues Causing Crashes
Our app has an old codebase, originating in 2011, which started out as purely Objective-C (and a little bit of Objective-C++), but a good amount of Swift has been added over time as well. Lots of Objective-C and Swift inter-op, but in general very few 3rd party libraries/frameworks. Like many other codebases of this size and age, we have a good amount of accumulated tech debt. In our case, that mostly comes in the form of using old/deprecated APIs (OpenGL primary amongst them), and also using some ‘tricks’ that allowed us to do highly customized UI popups and the like before they were officially supported by iOS, but unfortunately are still in use to this day (i.e. adding views directly to the UIWindow such that that are ‘on top’ of everything, instead of presenting a VC). Overall though, the app is very powerful and capable, and generally has a relatively low crash rate. About two months ago, we started seeing some new crashes that seemed to be totally unrelated to the code changes that were made at the time
Topic: Developer Tools & Services SubTopic: General Tags:
5
0
371
Sep ’25
Reply to Xcode keeps crash after upgrade to macOS 26
i have the same issue too, xcode safari unable to launch, when open will report error : Exception Type: EXC_BAD_ACCESS (SIGKILL (Code Signature Invalid)) Exception Subtype: UNKNOWN_0x32 at 0x000000011c816ca8 Exception Codes: 0x0000000000000032, 0x000000011c816ca8 Termination Reason: Namespace CODESIGNING, Code 2, Invalid Page
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Sep ’25
Reply to XPC codesign requirement crashes application
Thanks for bringing this to the forums. This is a weird one, and I’m glad to be able to answer it in public. [quote='801478021, dkocher, /thread/801478, /profile/dkocher'] The designated codesign requirement on the XPC connection is set to … [/quote] The most likely cause of this issue is a quoting problem. Consider this: % cat ok.txt anchor apple generic and certificate leaf[subject.OU] = SKMME9E2Y8 % csreq -r ok.txt -t anchor apple generic and certificate leaf[subject.OU] = SKMME9E2Y8 % cat ng.txt anchor apple generic and certificate leaf[subject.OU] = 1KMME9E2Y8 % csreq -r ng.txt -t error: invalid or corrupted code requirement(s) Requirement syntax error(s): line 1:55: unexpected token: = line 1:57: expecting EOF, found '1' The only difference between ok.txt and ng.txt is that the Team ID starts with a digit. That throws off the requirements parser, resulting in wacky errors. When you use it with NSXPCConnection the error occurs at a point where it’s very hard to propagate, and thus you trap. The
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Sep ’25
XPC codesign requirement crashes application
We have an application that sets a code signing requirement on a XPC connection between a File Provider extension and the main application. Only with a specific Developer ID certificate that designated requirement is not accepted and the application crashes with EXC_CRASH (SIGABRT) and the stacktrace Thread 1 Crashed:: Dispatch queue: com.apple.root.default-qos 0 libsystem_kernel.dylib 0x19b556388 __pthread_kill + 8 1 libsystem_pthread.dylib 0x19b58f88c pthread_kill + 296 2 libsystem_c.dylib 0x19b498a3c abort + 124 3 libc++abi.dylib 0x19b545384 abort_message + 132 4 libc++abi.dylib 0x19b533cf4 demangling_terminate_handler() + 344 5 libobjc.A.dylib 0x19b1b8dd4 _objc_terminate() + 156 6 libc++abi.dylib 0x19b544698 std::__terminate(void (*)()) + 16 7 libc++abi.dylib 0x19b547c30 __cxxabiv1::failed_throw(__cxxabiv1::__cxa_exception*) + 88 8 libc++abi.dylib 0x19b547bd8 __cxa_throw + 92 9 libobjc.A.dylib 0x19b1aecf8 objc_exception_throw + 448 10 Foundation 0x19d5c3840 -[NSXPCConnection setCodeSigningRequirement:] +
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
2
0
336
Sep ’25
Reply to Privileged helper without SMJobBless
I've seen the suggestion in the documentation to use SMAppService, but couldn't find a good implementation covering security aspects. In terms of installation security, this is largely handled by SMAppService itself. Activating components embedded in your own bundle means that codesigning validation ensures that your daemon can't be altered. In terms of runtime validation, the techniques for that are basically the same as what's shown in EvenBetterAuthorization. That means using XPC to validate the connection itself and the authorization system to confirm user intent. __ Kevin Elliott DTS Engineer, CoreOS/Hardware
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Sep ’25
Reply to Allow "Browser" to find devices on local networks
Hi Quinn, Thank you for your reply! After your advice I checked the code signing, and here’s what I found: With every release of our software, we sign all binaries using the codesign utility, and each binary has static Designated Requirements that don’t change from release to release. Overall, our signing process is the same as everyone else’s, and as far as I know, the original Chromium faces the same update issues https://issues.chromium.org/issues/346505950. Moreover, Chromium developers made opinion in (https://issues.chromium.org/issues/346505950#comment31) that this local network permission is associated with the specific Mach-O UUIDs of an application rather than being tied to a code signing identity like most other TCC permissions are on macOS. The network extension subsystem listens for LaunchServices notifications about an application being installed and updates the Mach-O UUIDs it associates with an application's bundle identifier. This means that when LaunchService sees a new version of a
Topic: App & System Services SubTopic: Networking Tags:
Sep ’25
Reply to XPC codesign requirement crashes application
Log output from com.apple.securityd below: 2025-08-29 15:36:50.076408+0200 0x6dc007 Debug 0x0 26936 0 : (libxpcfileprovider.dylib) [:NSXPCConnection] Set code signing requirement with team identifier 2025-08-29 15:36:50.076991+0200 0x6dc007 Default 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] MacOS error: -67052 2025-08-29 15:36:50.078752+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 0 Security 0x000000019fa4ec74 Security::CommonError::LogBacktrace() + 124 2025-08-29 15:36:50.078785+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 1 Security 0x000000019fa4f20c Security::MacOSError::MacOSError(int) + 312 2025-08-29 15:36:50.078800+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 2 Security 0x000000019f92bbd4 Security::CodeSigning::CSError::CSError(int, __CFDictionary const*) + 24 2025-08-29 15:36:50.078810+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securi
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Sep ’25
Certificate Active in Keychain and I think Xcode but Not Recognized by VS Code / Flutter on macOS Tahoe (macOS 15)
Hi, hoping someone can help here. I recently updated my Mac to macOS 15 (Tahoe) and am using Xcode 15+ (possibly 16). I’m working on a Flutter app and testing on a real iPhone device. Here's the situation: I’m using the free Apple Developer account. My signing certificate and provisioning profile both show as valid and active in Keychain and says signing... in Xcode. When I build and run the app from Xcode, it works completely fine on a simulator. But when I try to run the same project from VS Code using flutter run, whether on an simulator phone or my personal iphone, I get a code signing error, specifically: Failed to codesign Flutter.framework with identity... I believe the app is set to use the correct Team ID because it says my name and (team) (my team ID isBDKUKWVRBY), and I can see my certificate in Keychain under My Certificates. What I’ve already tried: flutter clean pod install / pod update Manually selecting my team in Xcode Signing settings Restarting my machine and VS Code Confirming the
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles
1
0
154
Sep ’25
Xcode 16.x crashes immediately on launch - MacBook Pro 15,4 mid-2019
Hardware & OS: MacBook Pro 15,4 (mid-2019) macOS 15.7 (24G222) Apple Hardware Diagnostics: Passed (ADP000) Xcode crashes on every launch attempt with identical CoreSimDeviceIO framework failures. This started after an automatic Xcode update and affects multiple Xcode versions. Versions tested (all crash identically): Xcode 16.0 (26.0/24228) Xcode 16.4 (23792) *Unable to download Xcode 15.4 due to my ios Crash signature: Exception Type: EXC_BAD_ACCESS (SIGKILL Code Signature Invalid) Crashed Thread: 0 (main thread) Crashing Framework: CoreSimDeviceIO.framework Termination Reason: CODESIGNING, Code 2 Invalid Page Troubleshooting completed: Multiple fresh Xcode downloads from Apple Developer portal Security database rebuild and SystemPolicy reset Complete macOS clean reinstall Developer tools reset (xcode-select) NVRAM reset Hardware diagnostics (passed) Additional problem: macOS compatibility enforcement prevents installing Xcode 15.x as a workaround, showing update to latest version errors even fo
Topic: Developer Tools & Services SubTopic: Xcode Tags:
1
0
136
Sep ’25
Reply to CI - Warning: unable to build chain to self-signed root for signer
Thank you for the answer, I already went over this document. I have problems only with SSH and CI. In the logged-in session, application is signed successfully. Steps I took over SSH: % security find-identity -p codesigning Policy: Code Signing Matching identities 1) 4E7CC0830457446B065A4EEA4CE259E9C3F8107C Apple Development: (CSSMERR_TP_CERT_EXPIRED) 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 3) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 3 identities found Valid identities only 1) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 2 valid identities found Then, % security list-keychains /Users/ec2-user/Library/Keychains/login.keychain-db /Library/Keychains/System.keychain % security unlock-keychain % codesign -s Developer ID Application... -f test1 test1: replacing existing signature Warning: unable to build chain to self-signed root for signer Develo
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles
Sep ’25
Reply to Accessibility permission in sandboxed app
I’m not able to reverse engineer other developer’s apps on your behalf, but I can offer some general advice. You can tell whether an app is sandboxed using codesign. For example, BBEdit is sandboxed: % codesign -d --entitlements - /Applications/BBEdit.app | grep -A 2 com.apple.security.app-sandbox … [Key] com.apple.security.app-sandbox [Value] [Bool] true but Xcode is not: % codesign -d --entitlements - /Applications/Xcode.app | grep -A 2 com.apple.security.app-sandbox … % Not all Mac App Store apps are sandboxed. Some apps shipped on the store before sandboxing was required. So, when you see an app that does something that’s seemingly impossible, it’s a good idea to check whether it’s actually sandboxed or not. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: App Store Distribution & Marketing SubTopic: General Tags:
Sep ’25
Reply to iOS Build Memory Access Issues Causing Crashes
Quinn asked me if I could take a look at this, and I have to say this is going to be a tricky one to track down. Let me start with the basics of what's going on. Pulling from your first crash log, here are the crucial details: Exception Type: EXC_BAD_ACCESS (SIGKILL) Exception Subtype: KERN_PROTECTION_FAILURE at 0x0000000000000000 Exception Codes: 0x0000000000000002, 0x0000000000000000 ... Termination Reason: CODESIGNING 2 Invalid Page ... Thread 4 name: Dispatch queue: assetsQueue Thread 4 Crashed: 0 ??? 0x0 ??? 1 Video Star 0x1012b34b0 __28-[ClipMixerView asyncRender]_block_invoke + 512 2 ...g_rt.asan_ios_dynamic.dylib 0x10559adf4 __wrap_dispatch_async_block_invoke + 196 3 libdispatch.dylib 0x19aacaaac _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x19aae4584 _dispatch_client_callout + 16 5 libdispatch.dylib 0x19aad32d0 _dispatch_lane_serial_drain + 740 6 libdispatch.dylib 0x19aad3dac _dispatch_lane_invoke + 388 7 libdispatch.dylib 0x19aade1dc _dispatch_root_queue_drain_deferred_wlh + 2
Topic: Developer Tools & Services SubTopic: General Tags:
Sep ’25
Reply to macOS 26 Launch Constraints
OK, so you’re dying from a launch constraint violation. That launch constraint can come from two places: You can bake a constraint into your executable. The code running your daemon can apply a constraint. I believe you’ve eliminated the first possibility, but it’s a good idea to check that. You can do that using codesign: % codesign -d -vvv Desktop/My App.app/Contents/MacOS/com.myCompany.myDaemon … Launch Constraints: … You shouldn’t see a Launch Constraints field. As to the second possibility, there are two things to check: Make sure your daemon is signed with the some code-signing identity as the container app. Move your app from the desktop to a directory that isn’t protected by MAC. MAC-protected directories — like the desktop, Documents folder, and Downloads folder — cause all sorts of weird behaviour. I generally recommend that you run your app from either the Xcode build directory or /Applications. For more info about MAC, see On File System Permissions. Share and Enjoy — Quinn “The
Topic: Code Signing SubTopic: General Tags:
Sep ’25
iOS Build Memory Access Issues Causing Crashes
Our app has an old codebase, originating in 2011, which started out as purely Objective-C (and a little bit of Objective-C++), but a good amount of Swift has been added over time as well. Lots of Objective-C and Swift inter-op, but in general very few 3rd party libraries/frameworks. Like many other codebases of this size and age, we have a good amount of accumulated tech debt. In our case, that mostly comes in the form of using old/deprecated APIs (OpenGL primary amongst them), and also using some ‘tricks’ that allowed us to do highly customized UI popups and the like before they were officially supported by iOS, but unfortunately are still in use to this day (i.e. adding views directly to the UIWindow such that that are ‘on top’ of everything, instead of presenting a VC). Overall though, the app is very powerful and capable, and generally has a relatively low crash rate. About two months ago, we started seeing some new crashes that seemed to be totally unrelated to the code changes that were made at the time
Topic: Developer Tools & Services SubTopic: General Tags:
Replies
5
Boosts
0
Views
371
Activity
Sep ’25
Reply to Xcode keeps crash after upgrade to macOS 26
i have the same issue too, xcode safari unable to launch, when open will report error : Exception Type: EXC_BAD_ACCESS (SIGKILL (Code Signature Invalid)) Exception Subtype: UNKNOWN_0x32 at 0x000000011c816ca8 Exception Codes: 0x0000000000000032, 0x000000011c816ca8 Termination Reason: Namespace CODESIGNING, Code 2, Invalid Page
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Replies
Boosts
Views
Activity
Sep ’25
Reply to XPC codesign requirement crashes application
Thanks for bringing this to the forums. This is a weird one, and I’m glad to be able to answer it in public. [quote='801478021, dkocher, /thread/801478, /profile/dkocher'] The designated codesign requirement on the XPC connection is set to … [/quote] The most likely cause of this issue is a quoting problem. Consider this: % cat ok.txt anchor apple generic and certificate leaf[subject.OU] = SKMME9E2Y8 % csreq -r ok.txt -t anchor apple generic and certificate leaf[subject.OU] = SKMME9E2Y8 % cat ng.txt anchor apple generic and certificate leaf[subject.OU] = 1KMME9E2Y8 % csreq -r ng.txt -t error: invalid or corrupted code requirement(s) Requirement syntax error(s): line 1:55: unexpected token: = line 1:57: expecting EOF, found '1' The only difference between ok.txt and ng.txt is that the Team ID starts with a digit. That throws off the requirements parser, resulting in wacky errors. When you use it with NSXPCConnection the error occurs at a point where it’s very hard to propagate, and thus you trap. The
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Replies
Boosts
Views
Activity
Sep ’25
XPC codesign requirement crashes application
We have an application that sets a code signing requirement on a XPC connection between a File Provider extension and the main application. Only with a specific Developer ID certificate that designated requirement is not accepted and the application crashes with EXC_CRASH (SIGABRT) and the stacktrace Thread 1 Crashed:: Dispatch queue: com.apple.root.default-qos 0 libsystem_kernel.dylib 0x19b556388 __pthread_kill + 8 1 libsystem_pthread.dylib 0x19b58f88c pthread_kill + 296 2 libsystem_c.dylib 0x19b498a3c abort + 124 3 libc++abi.dylib 0x19b545384 abort_message + 132 4 libc++abi.dylib 0x19b533cf4 demangling_terminate_handler() + 344 5 libobjc.A.dylib 0x19b1b8dd4 _objc_terminate() + 156 6 libc++abi.dylib 0x19b544698 std::__terminate(void (*)()) + 16 7 libc++abi.dylib 0x19b547c30 __cxxabiv1::failed_throw(__cxxabiv1::__cxa_exception*) + 88 8 libc++abi.dylib 0x19b547bd8 __cxa_throw + 92 9 libobjc.A.dylib 0x19b1aecf8 objc_exception_throw + 448 10 Foundation 0x19d5c3840 -[NSXPCConnection setCodeSigningRequirement:] +
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Replies
2
Boosts
0
Views
336
Activity
Sep ’25
Reply to Privileged helper without SMJobBless
I've seen the suggestion in the documentation to use SMAppService, but couldn't find a good implementation covering security aspects. In terms of installation security, this is largely handled by SMAppService itself. Activating components embedded in your own bundle means that codesigning validation ensures that your daemon can't be altered. In terms of runtime validation, the techniques for that are basically the same as what's shown in EvenBetterAuthorization. That means using XPC to validate the connection itself and the authorization system to confirm user intent. __ Kevin Elliott DTS Engineer, CoreOS/Hardware
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Replies
Boosts
Views
Activity
Sep ’25
Reply to Allow "Browser" to find devices on local networks
Hi Quinn, Thank you for your reply! After your advice I checked the code signing, and here’s what I found: With every release of our software, we sign all binaries using the codesign utility, and each binary has static Designated Requirements that don’t change from release to release. Overall, our signing process is the same as everyone else’s, and as far as I know, the original Chromium faces the same update issues https://issues.chromium.org/issues/346505950. Moreover, Chromium developers made opinion in (https://issues.chromium.org/issues/346505950#comment31) that this local network permission is associated with the specific Mach-O UUIDs of an application rather than being tied to a code signing identity like most other TCC permissions are on macOS. The network extension subsystem listens for LaunchServices notifications about an application being installed and updates the Mach-O UUIDs it associates with an application's bundle identifier. This means that when LaunchService sees a new version of a
Topic: App & System Services SubTopic: Networking Tags:
Replies
Boosts
Views
Activity
Sep ’25
Reply to XPC codesign requirement crashes application
Log output from com.apple.securityd below: 2025-08-29 15:36:50.076408+0200 0x6dc007 Debug 0x0 26936 0 : (libxpcfileprovider.dylib) [:NSXPCConnection] Set code signing requirement with team identifier 2025-08-29 15:36:50.076991+0200 0x6dc007 Default 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] MacOS error: -67052 2025-08-29 15:36:50.078752+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 0 Security 0x000000019fa4ec74 Security::CommonError::LogBacktrace() + 124 2025-08-29 15:36:50.078785+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 1 Security 0x000000019fa4f20c Security::MacOSError::MacOSError(int) + 312 2025-08-29 15:36:50.078800+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securityd:security_exception] 2 Security 0x000000019f92bbd4 Security::CodeSigning::CSError::CSError(int, __CFDictionary const*) + 24 2025-08-29 15:36:50.078810+0200 0x6dc007 Debug 0x0 26936 0 : (Security) [com.apple.securi
Topic: App & System Services SubTopic: Processes & Concurrency Tags:
Replies
Boosts
Views
Activity
Sep ’25
Certificate Active in Keychain and I think Xcode but Not Recognized by VS Code / Flutter on macOS Tahoe (macOS 15)
Hi, hoping someone can help here. I recently updated my Mac to macOS 15 (Tahoe) and am using Xcode 15+ (possibly 16). I’m working on a Flutter app and testing on a real iPhone device. Here's the situation: I’m using the free Apple Developer account. My signing certificate and provisioning profile both show as valid and active in Keychain and says signing... in Xcode. When I build and run the app from Xcode, it works completely fine on a simulator. But when I try to run the same project from VS Code using flutter run, whether on an simulator phone or my personal iphone, I get a code signing error, specifically: Failed to codesign Flutter.framework with identity... I believe the app is set to use the correct Team ID because it says my name and (team) (my team ID isBDKUKWVRBY), and I can see my certificate in Keychain under My Certificates. What I’ve already tried: flutter clean pod install / pod update Manually selecting my team in Xcode Signing settings Restarting my machine and VS Code Confirming the
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles
Replies
1
Boosts
0
Views
154
Activity
Sep ’25
Xcode 16.x crashes immediately on launch - MacBook Pro 15,4 mid-2019
Hardware & OS: MacBook Pro 15,4 (mid-2019) macOS 15.7 (24G222) Apple Hardware Diagnostics: Passed (ADP000) Xcode crashes on every launch attempt with identical CoreSimDeviceIO framework failures. This started after an automatic Xcode update and affects multiple Xcode versions. Versions tested (all crash identically): Xcode 16.0 (26.0/24228) Xcode 16.4 (23792) *Unable to download Xcode 15.4 due to my ios Crash signature: Exception Type: EXC_BAD_ACCESS (SIGKILL Code Signature Invalid) Crashed Thread: 0 (main thread) Crashing Framework: CoreSimDeviceIO.framework Termination Reason: CODESIGNING, Code 2 Invalid Page Troubleshooting completed: Multiple fresh Xcode downloads from Apple Developer portal Security database rebuild and SystemPolicy reset Complete macOS clean reinstall Developer tools reset (xcode-select) NVRAM reset Hardware diagnostics (passed) Additional problem: macOS compatibility enforcement prevents installing Xcode 15.x as a workaround, showing update to latest version errors even fo
Topic: Developer Tools & Services SubTopic: Xcode Tags:
Replies
1
Boosts
0
Views
136
Activity
Sep ’25
Reply to CI - Warning: unable to build chain to self-signed root for signer
Thank you for the answer, I already went over this document. I have problems only with SSH and CI. In the logged-in session, application is signed successfully. Steps I took over SSH: % security find-identity -p codesigning Policy: Code Signing Matching identities 1) 4E7CC0830457446B065A4EEA4CE259E9C3F8107C Apple Development: (CSSMERR_TP_CERT_EXPIRED) 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 3) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 3 identities found Valid identities only 1) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 2) E89C6BAEF24BCB768B27A482DF05F5C4623977AE Developer ID Application: 2 valid identities found Then, % security list-keychains /Users/ec2-user/Library/Keychains/login.keychain-db /Library/Keychains/System.keychain % security unlock-keychain % codesign -s Developer ID Application... -f test1 test1: replacing existing signature Warning: unable to build chain to self-signed root for signer Develo
Topic: Code Signing SubTopic: Certificates, Identifiers & Profiles
Replies
Boosts
Views
Activity
Sep ’25
Reply to Accessibility permission in sandboxed app
I’m not able to reverse engineer other developer’s apps on your behalf, but I can offer some general advice. You can tell whether an app is sandboxed using codesign. For example, BBEdit is sandboxed: % codesign -d --entitlements - /Applications/BBEdit.app | grep -A 2 com.apple.security.app-sandbox … [Key] com.apple.security.app-sandbox [Value] [Bool] true but Xcode is not: % codesign -d --entitlements - /Applications/Xcode.app | grep -A 2 com.apple.security.app-sandbox … % Not all Mac App Store apps are sandboxed. Some apps shipped on the store before sandboxing was required. So, when you see an app that does something that’s seemingly impossible, it’s a good idea to check whether it’s actually sandboxed or not. Share and Enjoy — Quinn “The Eskimo!” @ Developer Technical Support @ Apple let myEmail = eskimo + 1 + @ + apple.com
Topic: App Store Distribution & Marketing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Sep ’25
Can I Exporting a Developer ID PacketTunnelProvider Plugin?
I can develop a PacketTunnelProvider on Mac with xcode. I work with my self codesign. But when I sign it with Developer ID after read https://developer.apple.com/forums/thread/737894 , it still fail when I turn on the vpn .
Topic: App & System Services SubTopic: Networking Tags:
Replies
12
Boosts
0
Views
239
Activity
Sep ’25
Reply to iOS Build Memory Access Issues Causing Crashes
Quinn asked me if I could take a look at this, and I have to say this is going to be a tricky one to track down. Let me start with the basics of what's going on. Pulling from your first crash log, here are the crucial details: Exception Type: EXC_BAD_ACCESS (SIGKILL) Exception Subtype: KERN_PROTECTION_FAILURE at 0x0000000000000000 Exception Codes: 0x0000000000000002, 0x0000000000000000 ... Termination Reason: CODESIGNING 2 Invalid Page ... Thread 4 name: Dispatch queue: assetsQueue Thread 4 Crashed: 0 ??? 0x0 ??? 1 Video Star 0x1012b34b0 __28-[ClipMixerView asyncRender]_block_invoke + 512 2 ...g_rt.asan_ios_dynamic.dylib 0x10559adf4 __wrap_dispatch_async_block_invoke + 196 3 libdispatch.dylib 0x19aacaaac _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x19aae4584 _dispatch_client_callout + 16 5 libdispatch.dylib 0x19aad32d0 _dispatch_lane_serial_drain + 740 6 libdispatch.dylib 0x19aad3dac _dispatch_lane_invoke + 388 7 libdispatch.dylib 0x19aade1dc _dispatch_root_queue_drain_deferred_wlh + 2
Topic: Developer Tools & Services SubTopic: General Tags:
Replies
Boosts
Views
Activity
Sep ’25
Reply to macOS 26 Launch Constraints
Thanks for the feedback! No launch constraints in the codesign output, and the codesigning matches between app and daemon. I moved the app to /Applications and the issue persists. Alas, I'm still confused...
Topic: Code Signing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Sep ’25
Reply to macOS 26 Launch Constraints
OK, so you’re dying from a launch constraint violation. That launch constraint can come from two places: You can bake a constraint into your executable. The code running your daemon can apply a constraint. I believe you’ve eliminated the first possibility, but it’s a good idea to check that. You can do that using codesign: % codesign -d -vvv Desktop/My App.app/Contents/MacOS/com.myCompany.myDaemon … Launch Constraints: … You shouldn’t see a Launch Constraints field. As to the second possibility, there are two things to check: Make sure your daemon is signed with the some code-signing identity as the container app. Move your app from the desktop to a directory that isn’t protected by MAC. MAC-protected directories — like the desktop, Documents folder, and Downloads folder — cause all sorts of weird behaviour. I generally recommend that you run your app from either the Xcode build directory or /Applications. For more info about MAC, see On File System Permissions. Share and Enjoy — Quinn “The
Topic: Code Signing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Sep ’25