Preventing deletion of an app

Apple's Endpoint Security framework seems to have ways to prevent the deletion of a file.

  1. If we write an app that has a system extension that uses this framework, will the same app be able to prevent deletion of its own .app file?

  2. If yes, when a user attempts to delete the app from the /Applications folder, can we ask the user to enter a 'master password' before the user is able to delete the app?

The app is sandboxed, signed with a Developer ID, and for macOS.

Replies

Are you targeting a managed environment? Or are you trying to implement this feature for normal users?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

First for unmanaged users. Later for managed users. Is the solution different in each case?

Is the solution different in each case?

It’s more that the range of solutions is different for these cases.

For managed users, the device manager can do lots of things that aren’t possible otherwise. I’m not sure if preventing app removal is one of them. If you want to research this further, I recommend:

  • The Device Management documentation

  • The Device Management tag here on DevForums

  • Various areas outside of DevForums, such as Apple Support Communities, run by Apple Support, and specifically in the Business and Education topic areas

And if you need to do something that’s not possible, you can file an enhancement request outlining your requirements.

OTOH, the story for unmanaged devices is very different. Apple usually doesn’t enable this sort of feature for unmanaged devices. The user is in control of their own Mac and should be able to remove your software without any additional restrictions.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thanks. Let's consider the unmanaged devices case. How about this approach?

  • the main app contains a system extension that uses Apple's endpoint protection framework

https://developer.apple.com/documentation/endpointsecurity

  • have an uninstaller app as the companion of the main app (also installed in /Applications folder)

  • the system extension within the main app monitors for the file deletion event, i.e. es_event_unlink_t

  • when user directly deletes the main app, the system extension denies the operation.

  • the system extension allows the deletion operation only when it detects that our uninstaller is trying to delete the main app. In this way, the uninstaller app can ask for passwords, etc., if we need, but no other process will be allowed to delete the main app

You can certainly experiment with techniques like that, but it’s not something I’m going to help you with because:

  • Even if you get it working, it’s going to end up being super brittle.

  • It runs counter to the standard model for unmanaged Macs.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
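The decision logic behind the approach proposed above (an Endpoint Security extension that denies removal of the main app unless the requester is the companion uninstaller), as an added example that is not code from the original thread or from Apple. Only the policy is shown: the ES client plumbing (es_new_client, es_subscribe, es_respond_auth_result) is omitted, and the `file_op` struct is a constructed stand-in for the fields a handler would read from es_message_t (target path, and the initiating process's signing_id and team_id). The bundle path and signing identifiers are hypothetical placeholders. One point the proposal does not cover is included here: dragging an app to the Trash is a rename, not an unlink, so a handler subscribed only to ES_EVENT_TYPE_AUTH_UNLINK would never see it; the policy therefore evaluates rename sources and destinations as well.

```c
/* Added example: allow/deny policy for an Endpoint Security AUTH handler that
 * protects an app bundle from removal by anything except a trusted uninstaller.
 * file_op is a constructed stand-in for the relevant es_message_t fields; the
 * ES client setup and es_respond_auth_result() call are not shown. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical placeholders; a real extension would carry its own values. */
#define PROTECTED_BUNDLE   "/Applications/ExampleApp.app"
#define TRUSTED_TEAM_ID    "ABCDE12345"
#define UNINSTALLER_SIGNID "com.example.ExampleApp.Uninstaller"

typedef enum { OP_UNLINK, OP_RENAME } op_kind;

typedef struct {
    op_kind     kind;
    const char *target;          /* unlink: file removed; rename: source path */
    const char *dest;            /* rename only: destination path, else NULL */
    const char *proc_signing_id; /* stand-in for es_process_t.signing_id */
    const char *proc_team_id;    /* stand-in for es_process_t.team_id */
} file_op;

typedef enum { DECISION_ALLOW, DECISION_DENY } decision;

/* True if path is the bundle itself or lies inside it. The '/' boundary check
 * keeps a sibling such as "/Applications/ExampleApp.app2/..." from matching. */
static bool path_in_bundle(const char *path, const char *bundle)
{
    size_t n = strlen(bundle);
    if (path == NULL || strncmp(path, bundle, n) != 0) return false;
    return path[n] == '\0' || path[n] == '/';
}

/* A rename touches the bundle if either end of the move is inside it:
 * moving the bundle to the Trash (source) or replacing a file in it (dest). */
static bool op_touches_bundle(const file_op *op)
{
    if (path_in_bundle(op->target, PROTECTED_BUNDLE)) return true;
    return op->kind == OP_RENAME && path_in_bundle(op->dest, PROTECTED_BUNDLE);
}

/* Both the team ID and the exact signing ID must match; a signing ID alone
 * is not meaningful without the team that signed it. */
static bool is_trusted_uninstaller(const file_op *op)
{
    return op->proc_team_id && op->proc_signing_id &&
           strcmp(op->proc_team_id, TRUSTED_TEAM_ID) == 0 &&
           strcmp(op->proc_signing_id, UNINSTALLER_SIGNID) == 0;
}

decision decide(const file_op *op)
{
    /* Anything outside the protected bundle is allowed; a broader deny would
     * interfere with unrelated software on the machine. */
    if (!op_touches_bundle(op)) return DECISION_ALLOW;
    return is_trusted_uninstaller(op) ? DECISION_ALLOW : DECISION_DENY;
}

int main(void)
{
    /* Constructed sample operations, as a handler might observe them. */
    const file_op ops[] = {
        { OP_RENAME, PROTECTED_BUNDLE, "/Users/me/.Trash/ExampleApp.app",
          "com.apple.finder", NULL },                       /* Finder -> Trash */
        { OP_UNLINK, PROTECTED_BUNDLE "/Contents/Info.plist", NULL,
          "com.apple.rm", NULL },                            /* rm -rf */
        { OP_UNLINK, PROTECTED_BUNDLE "/Contents/Info.plist", NULL,
          UNINSTALLER_SIGNID, TRUSTED_TEAM_ID },             /* our uninstaller */
        { OP_UNLINK, "/Applications/ExampleApp.app2/Contents/Info.plist", NULL,
          "com.apple.finder", NULL },                        /* unrelated sibling */
    };
    for (size_t i = 0; i < sizeof ops / sizeof ops[0]; i++)
        printf("%s -> %s\n", ops[i].target,
               decide(&ops[i]) == DECISION_ALLOW ? "allow" : "deny");
    return 0;
}
```

In a real handler the result of `decide` would be passed to es_respond_auth_result() before the message's deadline; an AUTH subscriber that fails to respond in time is a far worse failure mode than a missed deletion.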