Will the ES_EVENT_TYPE_NOTIFY_OPEN event be called back when the user has already returned es_respond_flags_result(client, msg, 0, false) in ES_EVENT_TYPE_AUTH_OPEN? I believe the ES_EVENT_TYPE_NOTIFY_OPEN event should not be triggered if the user has already denied the open operation in the ES_EVENT_TYPE_AUTH_OPEN response handler. However, during my testing, ES_EVENT_TYPE_NOTIFY_OPEN was still being called even after I blocked the open process. Is this behavior correct?

According to Apple's development documentation, if I want to install an Endpoint Security system extension, I need to develop a host app that must be installed in the Applications directory. Now, I want to create an ES extension to protect users from accessing certain folders. However, I don't want a custom app to pop up asking the user to allow the installation of the ES extension. (To clarify, it's fine if the system authorization request dialog pops up, but I don't want the host app's UI to appear.) Is there any way to do this?

I downloaded a P12 file (containing a private key) from the company server, and retrieved the private key from this P12 file using a password : private func loadPrivateKeyFromPKCS12(path: String, password: String) throws -> SecKey? { let p12Data: Data do { p12Data = try Data(contentsOf: fileURL) } catch let readError { ... } let options: [CFString: Any] = [ kSecImportExportPassphrase: password as CFString ] var items: CFArray? let status = SecPKCS12Import(p12Data as CFData, options as CFDictionary, &items) guard status == errSecSuccess else { throw exception } var privateKey: SecKey? let idd = identity as! SecIdentity let _ = SecIdentityCopyPrivateKey(idd, &privateKey) return privateKey } However, when I use this private key to call SecKeyCreateSignature for data signing, a dialog box always pops up to ask user to input the Mac admin password. What confuses me is that this private key is clearly stored in the local P12 file, and there should be no access to the keychain involved in this process. Why does the system still require the user's login password for signing? Is it possible to perform silent signing (without the system dialog popping up) in this scenario?

I'm confuse about the loading condition of Finder Sync Extension. I want to run the Finder sync as a user agent service, so I use a command line tool project and added a Finder sync extension target in the project. But when I debug the extension in Xcode, select Finder to run, the init method of Finder sync class never called, I also check the Activity Monitor, there is no the Finder sync extension. But if I use a Cocoa APP, the Finder sync extension will load as normal. So what's the condition to run a Finder Sync Extension in Finder?

I'm trying to display overlay on screen by following code: NSRect windowRect = [[NSScreen mainScreen] frame]; self.overlayWindow = [[NSWindow alloc] initWithContentRect:windowRect styleMask:NSWindowStyleMaskBorderless backing:NSBackingStoreBuffered defer:NO screen:[NSScreen mainScreen]]; [self.overlayWindow setReleasedWhenClosed:YES]; [self.overlayWindow setBackgroundColor:[NSColor colorWithCalibratedRed:0.0 green:1.0 blue:0.0 alpha:0.1]]; [self.overlayWindow setAlphaValue:1.0]; [self.overlayWindow setOpaque:NO]; [self.overlayWindow setIgnoresMouseEvents:NO]; [self.overlayWindow makeKeyAndOrderFront:nil]; self.overlayWindow.ignoresMouseEvents = YES; self.overlayWindow.level = NSScreenSaverWindowLevel; self.overlayWindow.collectionBehavior = NSWindowCollectionBehaviorCanJoinAllSpaces | NSWindowCollectionBehaviorCanJoinAllApplications; But when other APP enter full screen, the overlay disappears even I set the collectionBehavior with option NSWindowCollectionBehaviorCanJoinAllApplications. Is it possible to display a overlay on top of all other APPs?

My role is developer in a development team. Now I want to distribute my Mac App to others by "Direct Distribution". I asked our team holder to apply for the Developer ID Application certification and Developer ID Installer certification, then import these certifications to my development Mac. But when I try to package my App, there is an error: [team id] does not have permission to create "Developer ID" provisioning profile. What is "Developer ID" provisioning profile? Should I ask my team holder to create a corresponding profile on Apple Developer site or should our team need subscribe to some Apple development service ?

I'm developing a file access control system. In order to protect the file content copied out, I'm finding a way to deny user copy file content to other files. I know there are data transmission between the copied application and pboard service by XPC. But I don't know how to interrupt the data transmission. Or I can do something to stop the copied data send to the Clipboard. So is there any way to prevent the contents of a file being copied?