Will the ES_EVENT_TYPE_NOTIFY_OPEN event be called back when the user has already returned es_respond_flags_result(client, msg, 0, false) in ES_EVENT_TYPE_AUTH_OPEN? I believe the ES_EVENT_TYPE_NOTIFY_OPEN event should not be triggered if the user has already denied the open operation in the ES_EVENT_TYPE_AUTH_OPEN response handler. However, during my testing, ES_EVENT_TYPE_NOTIFY_OPEN was still being called even after I blocked the open process. Is this behavior correct?

According to Apple's development documentation, if I want to install an Endpoint Security system extension, I need to develop a host app that must be installed in the Applications directory. Now, I want to create an ES extension to protect users from accessing certain folders. However, I don't want a custom app to pop up asking the user to allow the installation of the ES extension. (To clarify, it's fine if the system authorization request dialog pops up, but I don't want the host app's UI to appear.) Is there any way to do this?

I'm confuse about the loading condition of Finder Sync Extension. I want to run the Finder sync as a user agent service, so I use a command line tool project and added a Finder sync extension target in the project. But when I debug the extension in Xcode, select Finder to run, the init method of Finder sync class never called, I also check the Activity Monitor, there is no the Finder sync extension. But if I use a Cocoa APP, the Finder sync extension will load as normal. So what's the condition to run a Finder Sync Extension in Finder?

I'm trying to display overlay on screen by following code: NSRect windowRect = [[NSScreen mainScreen] frame]; self.overlayWindow = [[NSWindow alloc] initWithContentRect:windowRect styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:NO screen:[NSScreen mainScreen]]; [self.overlayWindow setReleasedWhenClosed:YES]; [self.overlayWindow setBackgroundColor:[NSColor colorWithCalibratedRed:0.0 green:1.0 blue:0.0 alpha:0.1]]; [self.overlayWindow setAlphaValue:1.0]; [self.overlayWindow setOpaque:NO]; [self.overlayWindow setIgnoresMouseEvents:NO]; [self.overlayWindow makeKeyAndOrderFront:nil]; self.overlayWindow.ignoresMouseEvents = YES; self.overlayWindow.level = NSScreenSaverWindowLevel; self.overlayWindow.collectionBehavior = NSWindowCollectionBehaviorCanJoinAllSpaces | NSWindowCollectionBehaviorCanJoinAllApplications; But when other APP enter full screen, the overlay disappears even I set the collectionBehavior with option NSWindowCollectionBehaviorCanJoinAllApplications. Is it possible to display a overlay on top of all other APPs?

My role is developer in a development team. Now I want to distribute my Mac App to others by "Direct Distribution". I asked our team holder to apply for the Developer ID Application certification and Developer ID Installer certification, then import these certifications to my development Mac. But when I try to package my App, there is an error: [team id] does not have permission to create "Developer ID" provisioning profile. What is "Developer ID" provisioning profile? Should I ask my team holder to create a corresponding profile on Apple Developer site or should our team need subscribe to some Apple development service ?

I'm developing a file access control system. In order to protect the file content copied out, I'm finding a way to deny user copy file content to other files. I know there are data transmission between the copied application and pboard service by XPC. But I don't know how to interrupt the data transmission. Or I can do something to stop the copied data send to the Clipboard. So is there any way to prevent the contents of a file being copied?