Will I be rejected if I let users ssh into their own Macs to run command line programs? I am building a dev tool which already has ssh capability for remote servers.

Cross post from my post here. https://developer.apple.com/forums/thread/807142 I was advised to post in this category.

Will I be rejected if I let users ssh into their own Macs to run command line programs? I just got this in an email. Is that relevant to letting users ssh into their own box? Where do we go to get permission from Apple? Is that before or after App Store review?

"4.7.2: Clarifies that apps offering software not embedded in the binary may not extend or expose native platform APIs or technologies to the software without prior permission from Apple."

Original post before response from Apple: Why can’t sandboxed Mac App Store apps have full disk access available in the System Settings for full disk access?

I discovered Mac App Store apps in release mode cannot access the AI auggie command line program and other command line programs like opengrep on your system. Debug builds are fine.

I came up with a workaround: Since I have an ssh client built in for connecting to remote servers, why not connect to ssh on the same local machine… Ask the user for their username and password in a popup.

To do this, you have to enable Remote Login on your Mac in System Settings -> Sharing.

In addition, you must grant full disk access to cli ssh in System Settings: add /usr/libexec/sshd-keygen-wrapper

It all works, but I don’t see the cli program in Mac settings. To remove the cli program you must run a command line program to remove all full disk access support from all apps. No way to just undo ssh.

So my question is, even though I got CodeFrog all working for a Mac App Store release, should I not do it because it’s insecure or too complicated with the system settings? Should I instead sell the app off the store like Panic Nova?

Need some advice. I have not implemented in-app purchases yet. Should I just have a reality check and sell the app off the store, or try for App Store approval?

Bummer…

Maybe I’m ahead of my time, but perhaps Apple could review the source code for apps requesting full disk access and make sure there’s nothing fraudulent in them. Then, developer tools App Store apps could be in the store with the user’s assurance that nothing is happening behind the scenes that is scary.

From: https://blog.greenrobot.com/2025/11/10/i-have-a-decision-to-make/

Related post: https://developer.apple.com/forums/thread/806187

I submitted a code level tech support question for this. They directed me here.

I have a blog post describing some of my app's features here: https://blog.greenrobot.com/2025/11/05/codefrog-find-and-fix-bugs-fast-with-macos-and-mobile-apps/

Thank you for your post. We recommend that you sign up for a session with App Review during the weekly Meet with Apple event. Sign in with your Developer ID and select "Request a one-on-one App Review consultation". A member of the App Review team will help you with your questions regarding the review process and the App Review Guidelines.
