Post

Replies

Boosts

Views

Created

Run suid program (without privilege) in sandbox?
Is there a feature available to sandbox profiles that would allow a suid program (in this particular case, /bin/ps) to be exec-ed without privilege (with the uid of the exec-ing process instead of the uid of the file owner)?

Currently, trying to launch gives the error:

    sandbox-exec: execvp() of '/bin/ps' failed: Operation not permitted

With the logged message:

    deny(1) forbidden-exec-sugid

If I make a copy of /bin/ps, thus removing the suid-bit, it does run ok in the sandbox. However, it would be more convenient if I could just tell the sandbox environment to allow the exec without elevating privilege.

Yes, I understand sandbox-exec has been DEPRECATED for quite a while, and the profile language is "Apple System Private Interface", but I thought I'd ask anyway. Thanks.
2
0
1.5k
Sep ’21
MetalFX System Requirements?
What are the system requirements for MetalFX upscaling? Will it only be available on systems that support Metal 3 (which I believe excludes the most current Apple TV)?
Replies
2
Boosts
0
Views
4.5k
Activity
Jun ’22