When I call AXIsProcessTrustedWithOptions in a sandboxed program the dialog to request permission does not open and I get "sandbox deny(1) mach-lookup com.apple.universalaccessAuthWarn" error in the console.
If I add a temporary entitlement com.apple.security.temporary-exception.mach-lookup.global-name for com.apple.universalaccessAuthWarn the error goes away and the dialog appears. This doesn't make any sense however that should I need this entitlement to simply ask the user for their permission and I suspect it will get rejected from the AppStore.
Does anyone know if what I'm doing is correct?
Related
I keep getting this error when editing or creating the consent screen.
This happens whenever I click edit settings on the consent screen. An error dialog pops up saying
"Sorry, there’s a problem. If you entered information, check it and try again. Otherwise, the problem might clear up on its own, so check back later.
Tracking Number: #############"
After this, I can stay on the consent screen settings, but I can't add any scopes at all. I don't understand why it's happening, it worked fine before. But now for weeks it's been like this and I can't edit the consent screen.
This usually happens because you don't have the authorization to perform edits, i.e. it is a permission issue. If you go to the link https://console.cloud.google.com/iam-admin/iam?project=YOUR-PROJECT-ID you should be able to see the Identity Access Management permissions assigned to your user, if there is any. You should find out who is the owner of the project and request editor permissions for the action you are attempting to do.
I am using GeoLocator for location. I have given permission in the manifest for:
1.Access_Coarse_Location
2.Access_Fine_Location
3.Internet
Still, it is not asking for permission. I have to give permission from Device App Setting. otherwise, the app will be crash.
Please give me the solution.
Thanks in advance.
From android 6 and onward you have to request the permission at the run-time.
You have added permissions in manifest, hence you can allow them in settings.
But as you haven't requested for them when the app starts or your activity launches, your app doesn't have the required permission and hence it's crashing.
You can follow this article to know how to request permission at run-time.
https://blog.xamarin.com/requesting-runtime-permissions-in-android-marshmallow/
We're developing a Mac App(non-sandboxed) needs to access an ssl client certificate in keychain.
when the app first launches, there is a prompt to confirm to access keychain item. with options: always allow, allow, deny. which is fine.
when user choose always allow, the next time user launches app, the app will have the right access to use that certificate. but, when our app is update.(our app update using sparkle, it just simply replace the .app file on disk, then relaunches the app) , the updated app SOMEHOW CAN NOT ACCESS THIS CERTIFICATE, and get error -25293(errSecAuthFailed) ,
console output
Dec 10 19:21:55 userMacBook-Pro.local com.apple.SecurityServer[15]: suppressing keychain prompt for invalidly signed client /Applications/My-APP.app(42277)
Dec 10 19:21:55 userMacBook-Pro.local My-APP[42277]: CFNetwork SSLHandshake failed (-25293)
Error Domain=kCFStreamErrorDomainSSL Code=-25293
then i check that private key in keychain, the app's name is still in access control panel. finally, i reboot the system, the updated app can access this certificate again(without any promote prompt to confirm to access keychain item) and everything works fine. so, how can i keep the app keep right access to certificate after update without reboot the system? but this bug is not always shown, if the system is just boot(not running for hours), the app can update serval times and keep the right to certificate.
the app is always in access control after user click "Always Allow"
PS, if i manually go to access control list and choose "Allow all applications to access this item, then the app will has the right access. but we can not let our user to do this operation"
after some google search, i found a similar issue on sequel-pro
Won't save passwords on 10.8 12A269
SO, how can i let my app update , and keep the right access ? I found this issue on serval 10.9.x , 10.10.x systems.
Following the instructions as per Apple Documentation to allow a user with Safari to visit a website and get Push Notifications for the Apple Push Notification Service.
I'm using SSL, have a certificate from Apple, and have generated the push package file.
Safari downloads this when running the prompt requestPermission, displays the user permission request prompt, but on the user clicking 'approve', the callback function is never called.
window.safari.pushNotification.requestPermission(url, websitePushID, userInfo, callback);
The callback function is never called.
No exceptions are thrown.
No POST is made to the server for any success or error.
The website is now listed under System Preferences > Notifications.
The website is not listed under Notifications within Safari Preferences.
Further attempts to requestPermission or query permission are denied instantly.
The only way to reset the denied permission is to edits OSXs internal sqllite file and delete a bunch of config files within Safari before I can retry the request.
What could be causing this unusual behaviour?
It's hard to judge without the exact javascript you are using, but the 3 permission types that you see in the apple documentaion are default, granted and denied.
If the permission is granted or denied, then the user has already set whether they want to receive these push notifications. Once a user has denied a push notification then Apple has made the decision that they cannot be asked again (without changing settings.) If they already have been granted permission there is no need to call window.safari.pushNotification.requestPermission
The only time that you would call window.safari.pushNotification.requestPermission is when permission has neither been denied nor granted. Only in this case will you want to call the function and expect for a response to trigger the callback function. If you see a permission request prompt it means the requestionPermission has worked.
I realize that I'm a bit late to the game here in getting sandbox-ready, but so it goes.
I'm developing for OS X 10.9. The app displays Calendar event data, but does not allow editing, so I have enabled the Calendars capability.
The app works great with sandboxing enabled when I run it from Xcode, but when I export it signed with Developer ID, the app runs, but can't access the Calendar data. What's more, the system never asks me to allow the app to access Calendar data.
When I run the app, it launches, but doesn't show any data. In Console, sandboxd throws a bunch of errors that look like this:
sandboxd: ([54]) appleeventsd(54) deny file-read-metadata /Library
and
sandboxd: ([54]) appleeventsd(54) deny mach-lookup com.apple.ocspd
I've checked the app's entitlements with codesign -d --entitlements, and it confirms that it's Sandboxed and has calendar entitlements. However, when I check in-app to see if it has permission to access [EKEventStore authorizationStatusForEntityType:EKEntityTypeEvent], it, unsurprisingly given it has never asked, returns EKAuthorizationStatusNotDetermined.
I feel like I am missing something pretty basic here regarding entitlements, code signing, or deployment, but I'm at a loss to find out what it is. And so I throw myself on your collective mercy and wisdom.