I have a simple Cocoa image preview app. The user selects a file using an NSOpenPanel and the app generates a preview image using the Quick Look API.

I'd like to move the preview generation into a separate XPC service. Without app sandboxing everything works fine, but after enabling app sandboxing for the parent app and the XPC service, the XPC service is denied read access to the user selected file.

The parent app is allowed to read the file (because it was selected through an NSOpenPanel).

How do I transfer the "file read" permissions for the user-selected file from the parent app to the XPC process so that the XPC process can read the file to generate the preview?

My XPC service requests file-read access via its entitlements and I added the following key to the XPC Service Info.plist, but that did not help:

JoinExistingSession = YES

I'm not 100% sure but I think Apple recommends passing an NSFileHandle to the XPC process in this case. That way, the XPC process can access the file's contents but does not need to know the file's URL.

Edit: This thread in the Apple Developer Forums is helpful. The recommendation is to create a normal (not security-scoped) bookmark for the URL of the file. This bookmark can then be passed to the XPC process and accessed by it.