A code requirement is a constraint that must be satisfied for the code to be considered valid for a specific purpose. It outlines the conditions necessary for the system to evaluate the code’s signature and determine whether the code can be trusted as secure. If the code does not meet these requirements during evaluation, the validation of the code signature will fail.
You can include the code signature requirement and the bundle ID for an app to allow access to protected user data. Specifying the bundle ID and code requirement strengthens the security of the Privacy Preferences payload. You can retrieve the code signature requirement for the app by executing the codesign commands.
Finding the Code Requirement of an App
To find the code requirement of an app installed on the Mac, run the following command on the terminal:
codesign -dr - "path/Bundle ID"For example:
codesign -dr - /System/Applications/Maps.appReplace the path/Bundle ID with the path or Bundle Identifier of the app. You can find the code requirement starting after the text designated =>.
Output example:
Executable=/System/Applications/Maps.app/Contents/MacOS/Maps designated => identifier "com.apple.Maps" and anchor appleIt is advisable to manually validate the script execution on a system before performing a bulk action.