I am trying to disable certain paths from Endpoint Security Events using es_mute_path, but this seems to be returning with ES_RETURN_ERROR. I am currently not having 'com.apple.developer.endpoint-security.client' but is disabling SIP to check the same. What is the reason for this behavior ?
I am trying to disable certain paths from Endpoint Security Events using es_mute_path, but this seems to be returning with ES_RETURN_ERROR. I am currently not having 'com.apple.developer.endpoint-security.client' but is disabling SIP to check the same. What is the reason for this behavior ?
The internal details of how Xcode manages entitlements and signs builds mean that disabling SIP is insufficient to test most restricted entitlements. Theoretically, that's a bug (r.57130762); however, at this point, I don't think it's likely to be fixed given our trend to creating "Development Only" entitlements for cases where we specifically want to facilitate testing.
In any case, if you want to test without being approved for the entitlement, you'll need to disable AMFI as described in this post.
__
Kevin Elliott
DTS Engineer, CoreOS/Hardware