Crate endpoint_sec

source ·
Available on macOS only.
Expand description

Safe bindings for the Endpoint Security Framework for Apple targets (macOS).

The sys module contains the raw bindings since several types are publicly exported from there.

At runtime, users should call version::set_runtime_version() before anything else, to indicate on which macOS version the app is running on.

The entry point is the Client type, which is a wrapper around es_client_t, with the Client::new() method.

After a Client has been created, events can be subscribed to using Client::subscribe(). Each time Endpoint Security gets an event that is part of the subscribptions for your client, it will call the handler that was given to Client::new() with the message associated to the event. Note that AUTH events have an associated deadline before which your handler must give a response else your client may be killed by macOS to avoid stalling for the user.



  • Helper module to avoid implementing version detection in this crate and make testing easier by telling the crate its on a lower version than the real one.