es_new_client failed due to app sandbox violation

I try to mix content filter and endpoint security in one system extension, but get error below when the program invoke es_new_client(returned ES_NEW_CLIENTRESULT_ERR_INTERNAL).

Failed to open services: 0xe00002e2: Caller was denied connecting to the ES subsystem, possibly due to a sandbox violation.

how to solve this error while keeping two functionalities in one system extension?

or I have to seperate them?

Answered by DTS Engineer in 810928022

ES and NE sysexes have conflicting sandbox requirements:

  • An ES sysex can’t be sandboxed.

  • An NE sysex must be.

That’s a problem if you want a single sysex that supports both. My understanding is that the solution is to disable the App Sandbox. That’ll get ES working, and NE allows this if there’s ES functionality present.

Note that the absence of sandboxing means that you won’t be able to deploy this via the Mac App Store, but that’s true of all ES sysexes.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Accepted Answer

ES and NE sysexes have conflicting sandbox requirements:

  • An ES sysex can’t be sandboxed.

  • An NE sysex must be.

That’s a problem if you want a single sysex that supports both. My understanding is that the solution is to disable the App Sandbox. That’ll get ES working, and NE allows this if there’s ES functionality present.

Note that the absence of sandboxing means that you won’t be able to deploy this via the Mac App Store, but that’s true of all ES sysexes.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

es_new_client failed due to app sandbox violation
 
 
Q