Network Local Privacy pop-up on macos Sequoia

Question

Created 3w

Replies 8

Boosts 0

Participants 2

Starting from macOS 15 (macOS Sequoia), a new pop-up is triggered: “Local Network Privacy.” We have some questions regarding this new pop-up on MacOS:

Running the following simple code:

cups_dest_t *dests;
int num_dests = cupsGetDests(&dests);

triggers the “Local Network Privacy” pop-up.

Question: Is this intended behavior? Even if the user presses the “Deny” button, printers can still be iterated, and it is possible to set options for the printer. Is this intended behavior? If so, which actions related to the CUPS library will be denied when the user presses the “Deny” button?

Question: Should this pop-up appear for daemons/launchd processes? We found similar questions on some forums, but the answers are unclear. It seems that the pop-up should not appear for launch daemons. We tested the mentioned code with CUPS, and the pop-up was triggered.

Is this a bug? If so, will it be resolved before the new macOS version is released?

Question: There is somewhere documented all the scenarios in which this pop-up may appear is challenging?

Regarding automatically allowing or disallowing the pop-up: We found the following response:

“There is no way to automatically allow or disallow the local network privacy prompt. If it shows up in your app, you will need to analyze your code to better understand how the prompt is being triggered. If the prompt is triggered by a library you do not control, you will need to either remove the library or inquire further with the library vendor.”

Question: How can we ensure that a launchd daemon will work as expected if the user presses the “Deny” button?

Is there any way to detect if the user pressed “Deny”?

Answered by DTS Engineer in 803541022

OK. Based on my conversations with the local network privacy team, it should not apply to code running as root. Indeed, we had a bug in earlier betas where we failed to implement this pass through correctly.

So, if you’re still seeing local network privacy problems from your daemon on the latest macOS 15 beta (well, release candidate), I recommend that you file a bug about that.

Please post your bug number, just for the record.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Boost

Answer 1

DTS Engineer OP

Apple

3w

I have a Local Network Privacy FAQ that you should read. I haven’t yet had a chance to update this for macOS, but most of the iOS stuff applies on macOS as well.

Before I tackle your specific question, I have a question for you: Are you building an app? If not, what are you building?

On iOS there are only apps, which simplifies the LNP story. macOS has other, weirder, things — daemons, agents, in-process plug-ins, and more — and the LNP story for this is more complex.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 2

AlexPuskas OP

2w

All the questions are about macOS launch daemon.

0

Answer 3

DTS Engineer OP

Apple

2w

OK. Is the daemon running as root (the default)? Or have you set up a role account?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 4

AlexPuskas OP

2w

The daemon is running as root (by default), started from:

/Library/LaunchDaemons/

0

Answer 5

DTS Engineer OP

Apple

2w

Recommended

OK. Based on my conversations with the local network privacy team, it should not apply to code running as root. Indeed, we had a bug in earlier betas where we failed to implement this pass through correctly.

So, if you’re still seeing local network privacy problems from your daemon on the latest macOS 15 beta (well, release candidate), I recommend that you file a bug about that.

Please post your bug number, just for the record.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 6

AlexPuskas OP

2w

The bug was reproduced on macOS 15.0 (24A335).

"Simply enumerating the printers from a launchd daemon causes the Local Network privacy pop-up to be displayed."

A bug ticket was opened as mentioned: FB15144682.

0

Answer 7

DTS Engineer OP

Apple

2w

A bug ticket was opened as mentioned: FB15144682

Thanks.

I don’t see a sysdiagnose log attached to that bug. Please reproduce the problem, then trigger the sysdiagnose log, then attach that to your bug report.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0

Answer 8

AlexPuskas OP

1w

I updated macOS to 15.1 Beta (24B5046f), and the bug seems to be resolved.

Simply enumerating the printers using the CUPS library no longer triggers the 'Network Local Privacy' pop-up."

0