What is a responsible process?

The new environment constraints talk about a responsible process versus the launching process, but I'm not clear on the difference, and haven't been able to find a definition of a responsible process.

Replies

Apple systems have complex machinery to track responsibility. This comes up in a bunch of places. For example:

  • WKWebView has a networking helper process. On iOS, you want the cellular data generated by those processes to be ascribed to the app that’s using the web view.

  • macOS allows an app to create XPC services. If one of those trips a TCC check, you want the TCC alert to show the app name, not the name of the XPC service.

There is no general API for managing this. Rather, these responsibility references are set up by the system as it starts and manages processes.

AFAIK the only place this is surfaced at the API level is in Endpoint Security, where the responsible_audit_token property tells the ES client the process that’s responsible for the process that triggered the event.

Note that there are two subtly different concepts here:

  • Responsible process

  • Responsible code

The latter shows up in TCC, where it’s common for there to be responsible code but no responsible process. For example, if an app has a login item, the login item might be running when the app is not.

I talk about the TCC aspects of this in On File System Permissions.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
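
The distinction the question asks about, as an added example that is not part of the original reply or any Apple code: it groups processes by their responsible process and lists those whose launching (parent) process differs from it. The records are constructed, the keys borrow the `es_process_t` member names `audit_token`, `parent_audit_token` and `responsible_audit_token`, each token is reduced to an assumed `pid`/`pidversion` pair, and the paths and function names are hypothetical.

```python
from collections import defaultdict

APP = "/Applications/Example.app/Contents/MacOS/Example"
XPC = "/Applications/Example.app/Contents/XPCServices/Helper.xpc/Contents/MacOS/Helper"
TOOL = "/Applications/Example.app/Contents/Resources/convert-tool"

def tok(pid, pidversion):
    # Simplified stand-in for an audit token (assumption: only these two fields).
    return {"pid": pid, "pidversion": pidversion}

# Constructed sample records, not real telemetry.
SAMPLE_EVENTS = [
    # The app: started by launchd (pid 1), responsible for itself.
    {"path": APP, "audit_token": tok(500, 1200),
     "parent_audit_token": tok(1, 1), "responsible_audit_token": tok(500, 1200)},
    # Its XPC service: also started by launchd, but the app is responsible.
    {"path": XPC, "audit_token": tok(612, 1301),
     "parent_audit_token": tok(1, 1), "responsible_audit_token": tok(500, 1200)},
    # A tool spawned by the XPC service: parent is the service, app still responsible.
    {"path": TOOL, "audit_token": tok(640, 1350),
     "parent_audit_token": tok(612, 1301), "responsible_audit_token": tok(500, 1200)},
]

def key(token):
    """A pid alone can be reused, so identify a process by (pid, pidversion)."""
    return (token["pid"], token["pidversion"])

def group_by_responsible(events):
    """Map each responsible process (by path when known) to the processes it answers for."""
    names = {key(e["audit_token"]): e["path"] for e in events}
    groups = defaultdict(list)
    for e in events:
        resp = key(e["responsible_audit_token"])
        groups[names.get(resp, f"pid {resp[0]}")].append(e["path"])
    return dict(groups)

def launched_by_other(events):
    """Processes whose parent is not their responsible process (and who are not self-responsible)."""
    return [e["path"] for e in events
            if key(e["parent_audit_token"]) != key(e["responsible_audit_token"])
            and key(e["audit_token"]) != key(e["responsible_audit_token"])]

if __name__ == "__main__":
    for owner, members in group_by_responsible(SAMPLE_EVENTS).items():
        print(owner, "is responsible for", len(members), "process(es)")
    print("parent differs from responsible:", launched_by_other(SAMPLE_EVENTS))
```

In a detection pipeline, attributing activity by the parent alone would charge the XPC service to launchd; grouping on the responsible token keeps it with the app.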