Unclear working of Local Network Privacy feature on macOS Sequoia

Starting with macOS Sequoia Beta, a new "Local Network Privacy” feature was introduced, which had previously been present in iOS. Unfortunately, there is little information about this topic on the Apple developer website, especially for the macOS platform. I conducted some experiments to understand the new feature, but was confused by the results. Firstly, I noticed that the type of application accessing the local network in macOS matters - bundled or command-line (CLI) applications. The TCC subsystem does not restrict access to the local network for CLI applications at all, regardless of how they are launched - as a launchd daemon with root privileges, or through a terminal with standard user privileges. At the same time, access to the local network for bundled applications is controlled by the TCC subsystem at most cases. Upon the first request, the system will display an alert to the user explaining the purpose of using the local network. Then, communication with local network devices will be allowed or restricted based on whether consent has been granted or revoked. Secondly, it's worth noting that if the bundled application supports CLI mode (launched through the terminal without a GUI), it will be able to access the local network in that mode regardless of the “Local Network Access” consent state if it has been granted at least once. However, if the same application is in GUI mode, its access to the local network will be limited by the current consent. Is this behaviour correct and likely to remain the same in future releases of macOS Sequoia? Or is there something described here that is incorrect and will be fixed in the upcoming betas? Also, I have posted FB14581221 on this topic with the results of my experiments.

there is little information about this topic on the Apple developer website

Right. I will update the Local Network Privacy FAQ at some point, but I’m still ironing out the details myself.

I noticed that the type of application accessing the local network in macOS matters - bundled or command-line (CLI) applications.

Yes and no. The location of the executable matters because of the way that TCC identifies the responsible code [1]. The other thing that matters is the execution context [2].

The TCC subsystem does not restrict access to the local network for CLI applications at all, regardless of how they are launched

That’s not true. You just happen to have hit two cases where local network privacy does not apply:

  • If you run a tool from Terminal, then Terminal is considered the responsible code and, as a system app, it’s not subject to local network privacy.

  • If you run an executable as a launchd daemon, it runs as root and local network privacy does not apply to code running as root.

However, if you configure the executable to run as a launchd agent, you will see local network privacy prompts [3].

Is this behaviour correct and likely to remain the same in future releases of macOS Sequoia?

Much of the behaviour you’ve described matches my understanding of how the feature is supposed to work on the Mac. It’s possible that things might change as we learn more from the seeding process [4].

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] I define this term in On File System Permissions.

[2] As defined in Technote 2083 Daemons and Agents.

[3] I was testing that last night and saw some very weird behaviour (r. 132968565).

[4] I’m certainly hoping that we fix the launchd agent story.

Hello! Thank you very much for your response! We greatly appreciate the chance to discuss Apple's technologies with their engineers!

If you run a tool from Terminal, then Terminal is considered the responsible code and, as a system app, it’s not subject to local network privacy.

I have conducted more experiments and have attached the new results to FB14581221 (bundled_as_cli_term). If you run the bundled application for the first time through the terminal, a prompt will appear for the Terminal.app. This is not the case for me, but the results of the experiment don't match your expectations:

If you run an executable as a launchd daemon, it runs as root and local network privacy does not apply to code running as root.

Here my experiments also show different results - if the bundled application is launched as a launchd daemon, the prompt will appear, even though the app runs with root privileges (see "bundled_as_daemon" in the attachments for FB14581221):

The latter scenario has an impact on the user experience of my application and I would like to prepare carefully for changes in the macOS. It would be helpful if you could provide information about the expected outcomes of the scenarios mentioned.

Thanks for filing FB14581221. They’ve definitely landed in the right place, right next to my bug (r. 132968565).

At this point I’m going wait to see how that investigation pans out before I dig into this any deeper.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

On the launchd daemon from, see this other thread for more info about what’s going on.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Unclear working of Local Network Privacy feature on macOS Sequoia
 
 
Q