endpointsecurity

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2026 License: MIT Imports: 5 Imported by: 0

Documentation

Overview

Package endpointsecurity provides Go bindings for the EndpointSecurity framework.

Develop system extensions that enhance user security.

Endpoint Security is a C API for monitoring system events for potentially malicious activity. You can write your client in any language that supports native calls. Your client registers with Endpoint Security to authorize pending events, or receive notifications of events that already occurred. These events include process executions, mounting file systems, forking processes, and raising signals.

Event Monitoring

Entitlements

  • com.apple.developer.endpoint-security.client: The entitlement required to monitor system events for potentially malicious activity.

Variables

  • ES_CS_VALIDATION_CATEGORY_APP_STORE
  • ES_CS_VALIDATION_CATEGORY_DEVELOPER_ID
  • ES_CS_VALIDATION_CATEGORY_DEVELOPMENT
  • ES_CS_VALIDATION_CATEGORY_ENTERPRISE
  • ES_CS_VALIDATION_CATEGORY_INVALID
  • ES_CS_VALIDATION_CATEGORY_LOCAL_SIGNING
  • ES_CS_VALIDATION_CATEGORY_NONE
  • ES_CS_VALIDATION_CATEGORY_OOPJIT
  • ES_CS_VALIDATION_CATEGORY_PLATFORM
  • ES_CS_VALIDATION_CATEGORY_ROSETTA
  • ES_CS_VALIDATION_CATEGORY_TESTFLIGHT
  • ES_EVENT_TYPE_NOTIFY_TCC_MODIFY
  • ES_TCC_AUTHORIZATION_REASON_APP_TYPE_POLICY: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_ENTITLED: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_ERROR
  • ES_TCC_AUTHORIZATION_REASON_MDM_POLICY: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_MISSING_USAGE_STRING: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_NONE
  • ES_TCC_AUTHORIZATION_REASON_PREFLIGHT_UNKNOWN: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_PROMPT_CANCEL: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_PROMPT_TIMEOUT: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_SERVICE_OVERRIDE_POLICY: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_SERVICE_POLICY: A system process changed the authorization right
  • ES_TCC_AUTHORIZATION_REASON_SYSTEM_SET: User changed the authorization right via Preferences
  • ES_TCC_AUTHORIZATION_REASON_USER_CONSENT
  • ES_TCC_AUTHORIZATION_REASON_USER_SET: User answered a prompt
  • ES_TCC_AUTHORIZATION_RIGHT_ADD_MODIFY_ADDED
  • ES_TCC_AUTHORIZATION_RIGHT_ALLOWED
  • ES_TCC_AUTHORIZATION_RIGHT_DENIED
  • ES_TCC_AUTHORIZATION_RIGHT_LEARN_MORE
  • ES_TCC_AUTHORIZATION_RIGHT_LIMITED
  • ES_TCC_AUTHORIZATION_RIGHT_SESSION_PID
  • ES_TCC_AUTHORIZATION_RIGHT_UNKNOWN
  • ES_TCC_EVENT_TYPE_CREATE
  • ES_TCC_EVENT_TYPE_DELETE
  • ES_TCC_EVENT_TYPE_MODIFY
  • ES_TCC_EVENT_TYPE_UNKNOWN
  • ES_TCC_IDENTITY_TYPE_BUNDLE_ID
  • ES_TCC_IDENTITY_TYPE_EXECUTABLE_PATH
  • ES_TCC_IDENTITY_TYPE_FILE_PROVIDER_DOMAIN_ID
  • ES_TCC_IDENTITY_TYPE_POLICY_ID

Type Aliases

  • es_statfs_t: This typedef is no longer used, but exists for API backwards compatibility.

Code generated from Apple documentation. DO NOT EDIT.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Es_clear_cache 

func Es_clear_cache(client *Es_client_t) unsafe.Pointer

Es_clear_cache clears all cached results for all clients.

See: https://developer.apple.com/documentation/EndpointSecurity/es_clear_cache(_:)

func Es_delete_client 

func Es_delete_client(client *Es_client_t) unsafe.Pointer

Es_delete_client destroys and disconnects a client instance from the Endpoint Security system.

See: https://developer.apple.com/documentation/EndpointSecurity/es_delete_client(_:)

func Es_exec_arg_count 

func Es_exec_arg_count(event *Es_event_exec_t) uint32

Es_exec_arg_count gets the number of arguments from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_arg_count(_:)

func Es_exec_env_count 

func Es_exec_env_count(event *Es_event_exec_t) uint32

Es_exec_env_count gets the number of environment variables from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_env_count(_:)

func Es_exec_fd_count 

func Es_exec_fd_count(event *Es_event_exec_t) uint32

Es_exec_fd_count gets the number of file descriptors from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_fd_count(_:)

func Es_invert_muting 

func Es_invert_muting(client *Es_client_t, mute_type unsafe.Pointer) unsafe.Pointer

Es_invert_muting.

See: https://developer.apple.com/documentation/EndpointSecurity/es_invert_muting(_:_:)

func Es_mute_path 

func Es_mute_path(client *Es_client_t, path string, type_ unsafe.Pointer) unsafe.Pointer

Es_mute_path suppresses events from executables that match a given path.

See: https://developer.apple.com/documentation/EndpointSecurity/es_mute_path(_:_:_:)

func Es_mute_path_events 

func Es_mute_path_events(client *Es_client_t, path string, type_ unsafe.Pointer, events uintptr, event_count uintptr) unsafe.Pointer

Es_mute_path_events suppresses a subset of events from executables that match a given path.

See: https://developer.apple.com/documentation/EndpointSecurity/es_mute_path_events(_:_:_:_:_:)

func Es_mute_process 

func Es_mute_process(client *Es_client_t, audit_token uintptr) unsafe.Pointer

Es_mute_process suppresses events from a given process.

See: https://developer.apple.com/documentation/EndpointSecurity/es_mute_process(_:_:)

func Es_mute_process_events 

func Es_mute_process_events(client *Es_client_t, audit_token uintptr, events uintptr, event_count uintptr) unsafe.Pointer

Es_mute_process_events suppresses a subset of events from a given process.

See: https://developer.apple.com/documentation/EndpointSecurity/es_mute_process_events(_:_:_:_:)

func Es_muted_paths_events 

func Es_muted_paths_events(client *Es_client_t, muted_paths *Es_muted_paths_t) unsafe.Pointer

Es_muted_paths_events retrieve a list of all muted paths.

See: https://developer.apple.com/documentation/EndpointSecurity/es_muted_paths_events(_:_:)

func Es_muted_processes_events 

func Es_muted_processes_events(client *Es_client_t, muted_processes *Es_muted_processes_t) unsafe.Pointer

Es_muted_processes_events retrieve a list of all muted processes.

See: https://developer.apple.com/documentation/EndpointSecurity/es_muted_processes_events(_:_:)

func Es_muting_inverted 

func Es_muting_inverted(client *Es_client_t, mute_type unsafe.Pointer) unsafe.Pointer

Es_muting_inverted.

See: https://developer.apple.com/documentation/EndpointSecurity/es_muting_inverted(_:_:)

func Es_new_client 

func Es_new_client(client *Es_client_t, handler Es_handler_block_t) unsafe.Pointer

Es_new_client creates a new client instance and connects it to the Endpoint Security system.

See: https://developer.apple.com/documentation/EndpointSecurity/es_new_client(_:_:)

func Es_release_message 

func Es_release_message(msg *Es_message_t)

Es_release_message releases a previously-retained message.

See: https://developer.apple.com/documentation/EndpointSecurity/es_release_message(_:)

func Es_release_muted_paths 

func Es_release_muted_paths(muted_paths *Es_muted_paths_t)

Es_release_muted_paths frees resources associated with a set of previously-retrieved muted paths.

See: https://developer.apple.com/documentation/EndpointSecurity/es_release_muted_paths(_:)

func Es_release_muted_processes 

func Es_release_muted_processes(muted_processes *Es_muted_processes_t)

Es_release_muted_processes frees resources associated with a set of previously-retrieved muted processes.

See: https://developer.apple.com/documentation/EndpointSecurity/es_release_muted_processes(_:)

func Es_respond_auth_result 

func Es_respond_auth_result(client *Es_client_t, message *Es_message_t, result unsafe.Pointer, cache bool) unsafe.Pointer

Es_respond_auth_result responds to an event that requires an authorization response.

See: https://developer.apple.com/documentation/EndpointSecurity/es_respond_auth_result(_:_:_:_:)

func Es_respond_flags_result 

func Es_respond_flags_result(client *Es_client_t, message *Es_message_t, authorized_flags uint32, cache bool) unsafe.Pointer

Es_respond_flags_result responds to an event that requires authorization flags as a response.

See: https://developer.apple.com/documentation/EndpointSecurity/es_respond_flags_result(_:_:_:_:)

func Es_retain_message 

func Es_retain_message(msg *Es_message_t)

Es_retain_message retains the given message, extending its lifetime until released.

See: https://developer.apple.com/documentation/EndpointSecurity/es_retain_message(_:)

func Es_subscribe 

func Es_subscribe(client *Es_client_t, events uintptr, event_count uint32) unsafe.Pointer

Es_subscribe subscribes a client to a set of events.

See: https://developer.apple.com/documentation/EndpointSecurity/es_subscribe(_:_:_:)

func Es_subscriptions 

func Es_subscriptions(client *Es_client_t, count *uintptr, subscriptions uintptr) unsafe.Pointer

Es_subscriptions returns a list of the client’s subscriptions.

See: https://developer.apple.com/documentation/EndpointSecurity/es_subscriptions(_:_:_:)

func Es_unmute_all_paths 

func Es_unmute_all_paths(client *Es_client_t) unsafe.Pointer

Es_unmute_all_paths restores event delivery from previously-muted paths.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_all_paths(_:)

func Es_unmute_all_target_paths 

func Es_unmute_all_target_paths(client *Es_client_t) unsafe.Pointer

Es_unmute_all_target_paths.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_all_target_paths(_:)

func Es_unmute_path 

func Es_unmute_path(client *Es_client_t, path string, type_ unsafe.Pointer) unsafe.Pointer

Es_unmute_path restores event delivery from a previously-muted path.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_path(_:_:_:)

func Es_unmute_path_events 

func Es_unmute_path_events(client *Es_client_t, path string, type_ unsafe.Pointer, events uintptr, event_count uintptr) unsafe.Pointer

Es_unmute_path_events restores event delivery of a subset of events from a previously-muted path.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_path_events(_:_:_:_:_:)

func Es_unmute_process 

func Es_unmute_process(client *Es_client_t, audit_token uintptr) unsafe.Pointer

Es_unmute_process restores event delivery from a previously-muted process.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_process(_:_:)

func Es_unmute_process_events 

func Es_unmute_process_events(client *Es_client_t, audit_token uintptr, events uintptr, event_count uintptr) unsafe.Pointer

Es_unmute_process_events restores event delivery of a subset of events from a previously-muted process.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unmute_process_events(_:_:_:_:)

func Es_unsubscribe 

func Es_unsubscribe(client *Es_client_t, events uintptr, event_count uint32) unsafe.Pointer

Es_unsubscribe unsubscribes the provided client from a set of events.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unsubscribe(_:_:_:)

func Es_unsubscribe_all 

func Es_unsubscribe_all(client *Es_client_t) unsafe.Pointer

Es_unsubscribe_all unsubscribes a client from all events.

See: https://developer.apple.com/documentation/EndpointSecurity/es_unsubscribe_all(_:)

Types

type Acl 

type Acl struct {
}

C struct types Acl

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_create_t/acl-6m1ze

type Cwd 

type Cwd struct {
}

Cwd

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t/cwd-7pogi

type Es_authorization_result_t 

type Es_authorization_result_t struct {
}

Es_authorization_result_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_authorization_result_t

type Es_btm_launch_item_t 

type Es_btm_launch_item_t struct {
}

Es_btm_launch_item_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_btm_launch_item_t

type Es_cdhash_t 

type Es_cdhash_t = unsafe.Pointer

See: https://developer.apple.com/documentation/EndpointSecurity/es_cdhash_t

type Es_client_t 

type Es_client_t = unsafe.Pointer

Es_client_t is an opaque type that stores the Endpoint Security client state.

See: https://developer.apple.com/documentation/EndpointSecurity/es_client_t

type Es_event_access_t 

type Es_event_access_t struct {
}

Es_event_access_t - A type for an event that indicates the checking of a file’s access permission.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_access_t

type Es_event_authentication_auto_unlock_t 

type Es_event_authentication_auto_unlock_t struct {
}

Es_event_authentication_auto_unlock_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authentication_auto_unlock_t

type Es_event_authentication_od_t 

type Es_event_authentication_od_t struct {
}

Es_event_authentication_od_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authentication_od_t

type Es_event_authentication_t 

type Es_event_authentication_t struct {
}

Es_event_authentication_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authentication_t

type Es_event_authentication_token_t 

type Es_event_authentication_token_t struct {
}

Es_event_authentication_token_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authentication_token_t

type Es_event_authentication_touchid_t 

type Es_event_authentication_touchid_t struct {
}

Es_event_authentication_touchid_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authentication_touchid_t

type Es_event_authorization_judgement_t 

type Es_event_authorization_judgement_t struct {
}

Es_event_authorization_judgement_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authorization_judgement_t

type Es_event_authorization_petition_t 

type Es_event_authorization_petition_t struct {
}

Es_event_authorization_petition_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_authorization_petition_t

type Es_event_btm_launch_item_add_t 

type Es_event_btm_launch_item_add_t struct {
}

Es_event_btm_launch_item_add_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_btm_launch_item_add_t

type Es_event_btm_launch_item_remove_t 

type Es_event_btm_launch_item_remove_t struct {
}

Es_event_btm_launch_item_remove_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_btm_launch_item_remove_t

type Es_event_chdir_t 

type Es_event_chdir_t struct {
}

Es_event_chdir_t - A type for an event that indicates a change to a process’s working directory.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_chdir_t

type Es_event_chroot_t 

type Es_event_chroot_t struct {
}

Es_event_chroot_t - A type for an event that indicates a change to a process’s root directory.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_chroot_t

type Es_event_clone_t 

type Es_event_clone_t struct {
}

Es_event_clone_t - A type for an event that indicates the cloning of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_clone_t

type Es_event_close_t 

type Es_event_close_t struct {
}

Es_event_close_t - A type for an event that indicates the closing of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_close_t

type Es_event_copyfile_t 

type Es_event_copyfile_t struct {
}

Es_event_copyfile_t - A type for an event that indicates the copying of a file by use of a system call.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_copyfile_t

type Es_event_create_t 

type Es_event_create_t struct {
}

Es_event_create_t - A type for an event that indicates the creation of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_create_t

type Es_event_cs_invalidated_t 

type Es_event_cs_invalidated_t struct {
}

Es_event_cs_invalidated_t - A type for an event that indicates the invalidation of a process’ code signing status.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_cs_invalidated_t

type Es_event_deleteextattr_t 

type Es_event_deleteextattr_t struct {
}

Es_event_deleteextattr_t - A type for an event that indicates the deletion of an extended attribute from a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_deleteextattr_t

type Es_event_dup_t 

type Es_event_dup_t struct {
}

Es_event_dup_t - A type for an event that indicates the duplication of a file descriptor.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_dup_t

type Es_event_exchangedata_t 

type Es_event_exchangedata_t struct {
}

Es_event_exchangedata_t - A type for an event that indicates the exchange of data between two files.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exchangedata_t

type Es_event_exec_t 

type Es_event_exec_t struct {
}

Es_event_exec_t - A type for an event that indicates the execution of a process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t

type Es_event_exit_t 

type Es_event_exit_t struct {
}

Es_event_exit_t - A type for an event that indicates a process exiting.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exit_t

type Es_event_fcntl_t 

type Es_event_fcntl_t struct {
}

Es_event_fcntl_t - A type for an event that indicates the manipulation of a file descriptor.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_fcntl_t

type Es_event_file_provider_materialize_t 

type Es_event_file_provider_materialize_t struct {
}

Es_event_file_provider_materialize_t - A type for an event that indicates the materialization of a file provider.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_file_provider_materialize_t

type Es_event_file_provider_update_t 

type Es_event_file_provider_update_t struct {
}

Es_event_file_provider_update_t - A type for an event that indicates an update to a file provider.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_file_provider_update_t

type Es_event_fork_t 

type Es_event_fork_t struct {
}

Es_event_fork_t - A type for an event that indicates the forking of a process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_fork_t

type Es_event_fsgetpath_t 

type Es_event_fsgetpath_t struct {
}

Es_event_fsgetpath_t - A type for an event that indicates the retrieval of a file-system path.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_fsgetpath_t

type Es_event_gatekeeper_user_override_t 

type Es_event_gatekeeper_user_override_t struct {
}

Es_event_gatekeeper_user_override_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_gatekeeper_user_override_t

type Es_event_get_task_inspect_t 

type Es_event_get_task_inspect_t struct {
}

Es_event_get_task_inspect_t - A type for an event that indicates the retrieval of a task’s inspect port.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_get_task_inspect_t

type Es_event_get_task_name_t 

type Es_event_get_task_name_t struct {
}

Es_event_get_task_name_t - A type for an event that indicates the retrieval of a task’s name port.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_get_task_name_t

type Es_event_get_task_read_t 

type Es_event_get_task_read_t struct {
}

Es_event_get_task_read_t - A type for an event that indicates the retrieval of a task’s read port.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_get_task_read_t

type Es_event_get_task_t 

type Es_event_get_task_t struct {
}

Es_event_get_task_t - A type for an event that indicates the retrieval of a task’s control port.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_get_task_t

type Es_event_getattrlist_t 

type Es_event_getattrlist_t struct {
}

Es_event_getattrlist_t - A type for an event that indicates the retrieval of attributes from a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_getattrlist_t

type Es_event_getextattr_t 

type Es_event_getextattr_t struct {
}

Es_event_getextattr_t - A type for an event that indicates the retrieval of an extended attribute from a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_getextattr_t

type Es_event_id_t 

type Es_event_id_t struct {
}

Es_event_id_t - An opaque identifier for events.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_id_t

type Es_event_iokit_open_t 

type Es_event_iokit_open_t struct {
}

Es_event_iokit_open_t - A type for an event that indicates the opening of an IOKit device.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_iokit_open_t

type Es_event_kextload_t 

type Es_event_kextload_t struct {
}

Es_event_kextload_t - A type for an event that indicates the loading of a kernel extension.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_kextload_t

type Es_event_kextunload_t 

type Es_event_kextunload_t struct {
}

Es_event_kextunload_t - A type for an event that indicates the unloading of a Kernel Extension (KEXT).

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_kextunload_t 

type Es_event_link_t struct {
}

Es_event_link_t - A type for an event that indicates the creation of a hard link.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_link_t

type Es_event_listextattr_t 

type Es_event_listextattr_t struct {
}

Es_event_listextattr_t - A type for an event that indicates the retrieval of multiple extended attributes from a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_listextattr_t

type Es_event_login_login_t 

type Es_event_login_login_t struct {
}

Es_event_login_login_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_login_login_t

type Es_event_login_logout_t 

type Es_event_login_logout_t struct {
}

Es_event_login_logout_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_login_logout_t

type Es_event_lookup_t 

type Es_event_lookup_t struct {
}

Es_event_lookup_t - A type for an event that indicates the lookup of a file’s path.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_lookup_t

type Es_event_lw_session_lock_t 

type Es_event_lw_session_lock_t struct {
}

Es_event_lw_session_lock_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_lw_session_lock_t

type Es_event_lw_session_login_t 

type Es_event_lw_session_login_t struct {
}

Es_event_lw_session_login_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_lw_session_login_t

type Es_event_lw_session_logout_t 

type Es_event_lw_session_logout_t struct {
}

Es_event_lw_session_logout_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_lw_session_logout_t

type Es_event_lw_session_unlock_t 

type Es_event_lw_session_unlock_t struct {
}

Es_event_lw_session_unlock_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_lw_session_unlock_t

type Es_event_mmap_t 

type Es_event_mmap_t struct {
}

Es_event_mmap_t - A type for an event that indicates the mapping of memory to a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_mmap_t

type Es_event_mount_t 

type Es_event_mount_t struct {
}

Es_event_mount_t - A type for an event that indicates the mounting of a file system.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_mount_t

type Es_event_mprotect_t 

type Es_event_mprotect_t struct {
}

Es_event_mprotect_t - A type for an event that indicates a change to protection of memory-mapped pages.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_mprotect_t

type Es_event_od_attribute_set_t 

type Es_event_od_attribute_set_t struct {
}

Es_event_od_attribute_set_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_attribute_set_t

type Es_event_od_attribute_value_add_t 

type Es_event_od_attribute_value_add_t struct {
}

Es_event_od_attribute_value_add_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_attribute_value_add_t

type Es_event_od_attribute_value_remove_t 

type Es_event_od_attribute_value_remove_t struct {
}

Es_event_od_attribute_value_remove_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_attribute_value_remove_t

type Es_event_od_create_group_t 

type Es_event_od_create_group_t struct {
}

Es_event_od_create_group_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_create_group_t

type Es_event_od_create_user_t 

type Es_event_od_create_user_t struct {
}

Es_event_od_create_user_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_create_user_t

type Es_event_od_delete_group_t 

type Es_event_od_delete_group_t struct {
}

Es_event_od_delete_group_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_delete_group_t

type Es_event_od_delete_user_t 

type Es_event_od_delete_user_t struct {
}

Es_event_od_delete_user_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_delete_user_t

type Es_event_od_disable_user_t 

type Es_event_od_disable_user_t struct {
}

Es_event_od_disable_user_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_disable_user_t

type Es_event_od_enable_user_t 

type Es_event_od_enable_user_t struct {
}

Es_event_od_enable_user_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_enable_user_t

type Es_event_od_group_add_t 

type Es_event_od_group_add_t struct {
}

Es_event_od_group_add_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_group_add_t

type Es_event_od_group_remove_t 

type Es_event_od_group_remove_t struct {
}

Es_event_od_group_remove_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_group_remove_t

type Es_event_od_group_set_t 

type Es_event_od_group_set_t struct {
}

Es_event_od_group_set_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_group_set_t

type Es_event_od_modify_password_t 

type Es_event_od_modify_password_t struct {
}

Es_event_od_modify_password_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_od_modify_password_t

type Es_event_open_t 

type Es_event_open_t struct {
}

Es_event_open_t - A type for an event that indicates the opening of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_open_t

type Es_event_openssh_login_t 

type Es_event_openssh_login_t struct {
}

Es_event_openssh_login_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_openssh_login_t

type Es_event_openssh_logout_t 

type Es_event_openssh_logout_t struct {
}

Es_event_openssh_logout_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_openssh_logout_t

type Es_event_proc_check_t 

type Es_event_proc_check_t struct {
}

Es_event_proc_check_t - A type that indicates the call used and the data returned when a process checks on the access of the target process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_proc_check_t

type Es_event_proc_suspend_resume_t 

type Es_event_proc_suspend_resume_t struct {
}

Es_event_proc_suspend_resume_t - A type for an event that indicates a call to suspend, resume, or shut down sockets for a process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_proc_suspend_resume_t

type Es_event_profile_add_t 

type Es_event_profile_add_t struct {
}

Es_event_profile_add_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_profile_add_t

type Es_event_profile_remove_t 

type Es_event_profile_remove_t struct {
}

Es_event_profile_remove_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_profile_remove_t

type Es_event_pty_close_t 

type Es_event_pty_close_t struct {
}

Es_event_pty_close_t - A type for an event that indicates the closing of a pseudoterminal device.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_pty_close_t

type Es_event_pty_grant_t 

type Es_event_pty_grant_t struct {
}

Es_event_pty_grant_t - A type for an event that indicates the granting of a pseudoterminal device to a user.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_pty_grant_t

type Es_event_readdir_t 

type Es_event_readdir_t struct {
}

Es_event_readdir_t - A type for an event that indicates the reading of a file-system directory.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_readdir_t 

type Es_event_readlink_t struct {
}

Es_event_readlink_t - A type for an event that indicates the reading of a symbolic link.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_readlink_t

type Es_event_remote_thread_create_t 

type Es_event_remote_thread_create_t struct {
}

Es_event_remote_thread_create_t - A type for an event that indicates an attempt by one process to create a thread in another process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_remote_thread_create_t

type Es_event_remount_t 

type Es_event_remount_t struct {
}

Es_event_remount_t - A type for an event that indicates the unmounting of a file system.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_remount_t

type Es_event_rename_t 

type Es_event_rename_t struct {
}

Es_event_rename_t - A type for an event that indicates the renaming of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_rename_t

type Es_event_screensharing_attach_t 

type Es_event_screensharing_attach_t struct {
}

Es_event_screensharing_attach_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_screensharing_attach_t

type Es_event_screensharing_detach_t 

type Es_event_screensharing_detach_t struct {
}

Es_event_screensharing_detach_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_screensharing_detach_t

type Es_event_searchfs_t 

type Es_event_searchfs_t struct {
}

Es_event_searchfs_t - A type for an event that indicates searching a volume or mounted file system.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_searchfs_t

type Es_event_setacl_t 

type Es_event_setacl_t struct {
}

Es_event_setacl_t - A type for an event that indicates the setting of a file’s access control list.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setacl_t

type Es_event_setattrlist_t 

type Es_event_setattrlist_t struct {
}

Es_event_setattrlist_t - A type for an event that indicates the setting of a file attribute.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setattrlist_t

type Es_event_setegid_t 

type Es_event_setegid_t struct {
}

Es_event_setegid_t - A type for an event that indicates the setting of a process’s effective group ID.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setegid_t

type Es_event_seteuid_t 

type Es_event_seteuid_t struct {
}

Es_event_seteuid_t - A type for an event that indicates the setting of a process’s effective user ID.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_seteuid_t

type Es_event_setextattr_t 

type Es_event_setextattr_t struct {
}

Es_event_setextattr_t - A type for an event that indicates the setting of a file’s extended attribute.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setextattr_t

type Es_event_setflags_t 

type Es_event_setflags_t struct {
}

Es_event_setflags_t - A type for an event that indicates the setting of a file’s flags.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setflags_t

type Es_event_setgid_t 

type Es_event_setgid_t struct {
}

Es_event_setgid_t - A type for an event that indicates the setting of a process’s group ID.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setgid_t

type Es_event_setmode_t 

type Es_event_setmode_t struct {
}

Es_event_setmode_t - A type for an event that indicates the setting of a file’s mode.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setmode_t

type Es_event_setowner_t 

type Es_event_setowner_t struct {
}

Es_event_setowner_t - A type for an event that indicates the setting of a file’s owner.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setowner_t

type Es_event_setregid_t 

type Es_event_setregid_t struct {
}

Es_event_setregid_t - A type for an event that indicates the setting of a process’s real and effective group IDs.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setregid_t

type Es_event_setreuid_t 

type Es_event_setreuid_t struct {
}

Es_event_setreuid_t - A type for an event that indicates the setting of a process’s real and effective user IDs.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setreuid_t

type Es_event_settime_t 

type Es_event_settime_t struct {
}

Es_event_settime_t - A type for an event that indicates the modification of the system time.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_settime_t

type Es_event_setuid_t 

type Es_event_setuid_t struct {
}

Es_event_setuid_t - A type for an event that indicates the setting of a process’s user ID.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_setuid_t

type Es_event_signal_t 

type Es_event_signal_t struct {
}

Es_event_signal_t - A type for an event that indicates the sending of a signal to a process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_signal_t

type Es_event_stat_t 

type Es_event_stat_t struct {
}

Es_event_stat_t - A type for an event that indicates the retrieval of a file’s status.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_stat_t

type Es_event_su_t 

type Es_event_su_t struct {
}

Es_event_su_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_su_t

type Es_event_sudo_t 

type Es_event_sudo_t struct {
}

Es_event_sudo_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_sudo_t

type Es_event_tcc_modify_t 

type Es_event_tcc_modify_t struct {
}

Es_event_tcc_modify_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_tcc_modify_t

type Es_event_trace_t 

type Es_event_trace_t struct {
}

Es_event_trace_t - A type for an event that indicates an attempt by one process to attach to another process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_trace_t

type Es_event_truncate_t 

type Es_event_truncate_t struct {
}

Es_event_truncate_t - A type for an event that indicates the truncation of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_truncate_t

type Es_event_uipc_bind_t 

type Es_event_uipc_bind_t struct {
}

Es_event_uipc_bind_t - A type for an event that indicates the binding of a socket to a path.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_uipc_bind_t

type Es_event_uipc_connect_t 

type Es_event_uipc_connect_t struct {
}

Es_event_uipc_connect_t - A type for an event that indicates the connection of a socket.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_uipc_connect_t 

type Es_event_unlink_t struct {
}

Es_event_unlink_t - A type for an event that indicates the deletion of a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_unlink_t

type Es_event_unmount_t 

type Es_event_unmount_t struct {
}

Es_event_unmount_t - A type for an event that indicates the unmounting of a file system.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_unmount_t

type Es_event_utimes_t 

type Es_event_utimes_t struct {
}

Es_event_utimes_t - A type for an event that indicates a change to a file’s access time or modification time.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_utimes_t

type Es_event_write_t 

type Es_event_write_t struct {
}

Es_event_write_t - A type for an event that indicates the writing of data to a file.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_write_t

type Es_event_xp_malware_detected_t 

type Es_event_xp_malware_detected_t struct {
}

Es_event_xp_malware_detected_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_xp_malware_detected_t

type Es_event_xp_malware_remediated_t 

type Es_event_xp_malware_remediated_t struct {
}

Es_event_xp_malware_remediated_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_xp_malware_remediated_t

type Es_event_xpc_connect_t 

type Es_event_xpc_connect_t struct {
}

Es_event_xpc_connect_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_xpc_connect_t

type Es_fd_t 

type Es_fd_t struct {
}

Es_fd_t - A structure that describes an open file descriptor.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_fd_t

func Es_exec_fd 

func Es_exec_fd(event *Es_event_exec_t, index uint32) *Es_fd_t

Es_exec_fd gets the file descriptor at the specified position from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_fd(_:_:)

type Es_file_t 

type Es_file_t struct {
}

Es_file_t - A type that represents a file related to an Endpoint Security event.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_file_t

type Es_graphical_session_id_t 

type Es_graphical_session_id_t = uint32

See: https://developer.apple.com/documentation/EndpointSecurity/es_graphical_session_id_t

type Es_handler_block_t 

type Es_handler_block_t = func(objectivec.IObject, *Es_message_t)

Es_handler_block_t is a block that handles a message received from Endpoint Security.

See: https://developer.apple.com/documentation/EndpointSecurity/es_handler_block_t

type Es_message_t 

type Es_message_t struct {
}

Es_message_t - A message from the Endpoint Security subsystem that describes a security event.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_message_t

type Es_muted_path_t 

type Es_muted_path_t struct {
}

Es_muted_path_t - A structure that describes a path’s muted events.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_muted_path_t

type Es_muted_paths_t 

type Es_muted_paths_t struct {
}

Es_muted_paths_t - A structure for a set of muted paths.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_muted_paths_t

type Es_muted_process_t 

type Es_muted_process_t struct {
}

Es_muted_process_t - A structure that describes a process’s muted events.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_muted_process_t

type Es_muted_processes_t 

type Es_muted_processes_t struct {
}

Es_muted_processes_t - A structure for a set of muted processes.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_muted_processes_t

type Es_od_member_id_array_t 

type Es_od_member_id_array_t struct {
}

Es_od_member_id_array_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_od_member_id_array_t

type Es_od_member_id_t 

type Es_od_member_id_t struct {
}

Es_od_member_id_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_od_member_id_t

type Es_process_t 

type Es_process_t struct {
}

Es_process_t - A type that describes a process, as delivered by an Endpoint Security message.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_process_t

type Es_profile_t 

type Es_profile_t struct {
}

Es_profile_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_profile_t

type Es_result_t 

type Es_result_t struct {
}

Es_result_t - The result of the Endpoint Security subsystem authorization process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_result_t

type Es_sha256_t 

type Es_sha256_t = unsafe.Pointer

See: https://developer.apple.com/documentation/EndpointSecurity/es_sha256_t

type Es_signed_file_info_t 

type Es_signed_file_info_t struct {
}

Es_signed_file_info_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_signed_file_info_t

type Es_statfs_t 

type Es_statfs_t = unsafe.Pointer

Es_statfs_t is this typedef is no longer used, but exists for API backwards compatibility.

See: https://developer.apple.com/documentation/EndpointSecurity/es_statfs_t

type Es_string_token_t 

type Es_string_token_t struct {
}

Es_string_token_t - A pointer to a null-terminated string, and the length in bytes of that string.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_string_token_t

func Es_exec_arg 

func Es_exec_arg(event *Es_event_exec_t, index uint32) Es_string_token_t

Es_exec_arg gets the argument at the specified position from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_arg(_:_:)

func Es_exec_env 

func Es_exec_env(event *Es_event_exec_t, index uint32) Es_string_token_t

Es_exec_env gets the environment variable at the specified position from a process execution event.

See: https://developer.apple.com/documentation/EndpointSecurity/es_exec_env(_:_:)

type Es_sudo_reject_info_t 

type Es_sudo_reject_info_t struct {
}

Es_sudo_reject_info_t

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_sudo_reject_info_t

type Es_thread_state_t 

type Es_thread_state_t struct {
}

Es_thread_state_t - A description of a thread’s machine-specfiic state.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_thread_state_t

type Es_thread_t 

type Es_thread_t struct {
}

Es_thread_t - A structure that represents a thread in a process.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_thread_t

type Es_token_t 

type Es_token_t struct {
}

Es_token_t - An arbitrary buffer of data with its size.

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_token_t

type Image_cpusubtype 

type Image_cpusubtype struct {
}

Image_cpusubtype

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t/image_cpusubtype-4h1ft

type Image_cputype 

type Image_cputype struct {
}

Image_cputype

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t/image_cputype-9u2jr

type Last_fd 

type Last_fd struct {
}

Last_fd

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t/last_fd-g0rc

type Pipe 

type Pipe struct {
}

Pipe

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_fd_t/pipe-1gtm4

type Reserved 

type Reserved struct {
}

Reserved

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_close_t/reserved-1vkig

type Script 

type Script struct {
}

Script

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_exec_t/script-19tlj

type Was_mapped_writable 

type Was_mapped_writable struct {
}

Was_mapped_writable

[Full Topic] [Full Topic]: https://developer.apple.com/documentation/EndpointSecurity/es_event_close_t/was_mapped_writable-5iaxq

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.