I have a .NET 6 application that runs in the background. The installer is a .pkg file built using a third-party tool called "Packages". All .dylib and executable files are codesigned before packaging. The resulting .pkg file is notarized.
The app uses these entitlements:
- com.apple.security.cs.allow-jit
- com.apple.security.cs.allow-unsigned-executable-memory
- com.apple.security.cs.allow-dyld-environment-variables
- com.apple.security.cs.disable-library-validation
The app is built on a macbook Air 2015 running macOS 12.6 and it works without issues on that machine. On a macbook Pro M3 running macOS 14.6.1 the app fails to run even though the installation itself is successful.
The only logs that I was able to find are related to syspolicyd (4 warnings):
- Unable to apply protection to app: 45, PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null))
- Failed to register app bundle for protection: 45, PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null))
- scan failed, finishing evaluation : PST: (vuid: A78FF6C2-08D5-4DCC-B946-8836251AA0E7), (objid: 1873967), (team: (null)), (id: (null)), (bundle_id: (null))
- Terminating process due to Gatekeeper rejection: 95158, <private>
Unfortunately, verification commands such as
- sudo codesign --verify --deep --strict -vvv MyApplication.App
- spctl -a -vvv -t install MyApplicationInstaller.pkg
do not indicate any issues.
Are there any additional steps that need to be performed in order for my app to work properly on newer machines?