How can I tell which restricted items does my application attempts to access

Hi,

I've got swiftUI based application. It seems that on some occasions, when the app starts, I get the following popup window but I don't know which restricted items it attempts to access (passwords,network, etc..) . How can I tell what trigger this elevation message ?

Thanks !

After running some diagnostics using fs_usage, I've found out that my application apply to the following file which is restricted :

/Users/user/Library/Application Support/Knowledge/knowledgeC.db-wal

I've read about this database, but i'm not sure which of the frameworks I attempt to access this file. Any idea which one should it be ?

Is this a Mac app? Or an iOS running in the simulator? Or an iOS app running on an Apple silicon Mac?

The reason I ask is that ~/Library/Application Support/Knowledge is tied to a subsystem that originated on iOS that tracks user activity to better manage resources. While that subsystem is now present on macOS (I’d point you at the coreduetd man page, but it has none)-: I’m struggling to think of any reason why a macOS app would try to access that directory.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

It appears that I was wrong and the restricted file lies in /Users/user/Library/Autosave Information/

according to fs_usage,

/Users/user/Library/Autosave Information/com.myComp.myApp.plist

this file is probably copy of our app preferences file which have the same name

/Users/user /Library/Preferences/com.myComp.myApp.plist

but it looks like nothing is being written to that file, It just attempt to read this non-existent replica in Autosave folder and that what trigger the permission popup. I've tried to disable access to Autosave using the following command but it didn't work...

defaults write com.myComp.myApp ApplePersistence -bool no

i remove all known contents from my application and it still attempt to access this file in the folder. Any idea how i can avoid reading this file ?

Hi Quinn, one more insight I've got, when running the app using open, no attempt was made to access the Autosave Information folder. but when the app was run as lunchAgent using proper plist file under /Library/LaunchAgents/ than the attempt was made... does it make any sense ?

Sorry I missed your earlier post. That’s been happening a lot recently, and I’m not sure it’s entirely my fault )-:

but when the app was run as [launchd agent]

Interesting. What does your launchd property list file look like?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi Quinn thanks for your help. Here's the agent plist contents. Notice that if I run it directly and not as launchAgent, there's no attempt to access /Users/user/Library/Autosave Information/. does the plist contents may explain it ?

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Label</key>
    <string>com.comp.prod.myAgent</string>
    <key>LimitLoadToSessionType</key>
    <string>Aqua</string>
    <key>Program</key>
    <string>/Applications/myApp.app/Contents/MacOS/myApp</string>
    <key>RunAtLoad</key>
    <true/>
    <key>KeepAlive</key>
    <true/>
</dict>
</plist>

OK. I generally don’t recommend running on entire app as an agent, but that’s not something that should trigger this issue.

When you next see this problem, run sample against your process and see what the backtrace of the stuck thread looks like.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

How can I tell which restricted items does my application attempts to access
 
 
Q