SecurityAgent taking focus for plugin in macOS 26.1

Not necessarily an Apple developer, but I ran across this when searching for an annoying bug I've been having lately on my macbook. Every few minutes, SecurityAgent.bundle steals focus from whatever app I have open. It automatically returns focus a few seconds later.

The full path of the offending bundle in my case is

/System/Library/Frameworks/Security.framework/Versions/A/MachServices/SecurityAgent.bundle

Maybe this is related? I couldn't find any other info on this issue online.

First up, authorisation plug-ins are fundamentally brittle and if you’re shipping one as a product then you ought to test your product on every beta release of macOS that we seed. Not just major release seeds, but minor release seeds and even bug fix release seeds.

As to what’s going on here, it’s hard to say without more context. Is your plug-in based on SFAuthorizationPluginView? What rights are you inserting it to?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

maartenweyns: Are you running any security software? Or software that has a SecurityAgent Plugin.

Quinn: Our product contains a SecurityAgent plugin and is an essential part of our product. We do a lot of testing, but this issue seems to be hitting some customers depending on maybe their MDM setup and software installed on the Macs. Could you make help me some documentation on changes in 26.1? We do have an SFAuthorizationPluginView, but that is not even invoked for this issue

We are seeing the same issue with our product, except we can see it on Sequoia as well. We see the issue when we are inserting into rights: com.apple.ServiceManagement.daemons.modify

We are seeing the same issue with our product, except we can see it on Sequoia as well. We see the issue when we are inserting into rights: com.apple.ServiceManagement.daemons.modify

We are also adding a mechanism to com.apple.ServiceManagement.daemons.modify. I can't rule out that it also happens in Sequoia, but many of our users see the problem very often on Tahoe.

Could you make help me some documentation on changes in 26.1?

I’m not aware of any documented changes in this space. OTOH, documentation for authorisation plug-ins is almost non-existant in general )-: so that’s not surprising.

this issue seems to be hitting some customers depending on maybe their MDM setup

OK.

What right is being authorised when this happens?

Have you confirmed that the right is still set up the way you think it’s set up? If this is happening in managed environments then my experience is that such environments often have multiple security products installed. It’s easy to imagine these products fighting each other over how a specific right might be authorised.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Have you found a workaround for this?

Nope, we haven't. Our situation (simplified) looks like this:

1. restart machine, we are using a script to tell us which application is currently active
2. when an app opens, we are inserting into 'com.apple.ServiceManagement.daemons.modify' (the rights will be removed when the app closes)
3. this app has the focus & remains open
4. within 3-5 mins, the application SecurityAgent with path '/System/Library/Frameworks/Security.framework/Versions/A/MachServices/SecurityAgent.bundle' takes the focus

(I am unable to reply back to your comment OP)

What right is being authorised when this happens?

Have you confirmed that the right is still set up the way you think it’s set up? If this is happening in managed environments then my experience is that such environments often have multiple security products installed. It’s easy to imagine these products fighting each other over how a specific right might be authorised.

It's the com.apple.ServiceManagement.daemons.modify right. We see it on MDM enrolled Macs with only our product installed, but on Macs not enrolled there is no issue. Seems like the SecurityAgent is doing something in the background on MDM Macs. Triggering the plugin should be fine, but taking focus when no UI is shown seems wrong

So this is the default setup for com.apple.ServiceManagement.daemons.modify:

% security authorizationdb read com.apple.ServiceManagement.daemons.modify | plutil -p -
YES (0)
{
  "class" => "rule"
  "comment" => "Used by the ServiceManagement framework to make changes to the system launchd's set of daemons."
  "created" => …
  "k-of-n" => 1
  "modified" => …
  "rule" => [
    0 => "is-root"
    1 => "entitled-admin-or-authenticate-admin-nonshared"
  ]
  "version" => 1
}

What does it look like after your modifications?

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

What does it look like after your modifications?

{
  "class" => "evaluate-mechanisms"
  "comment" => "Preferences."
  "created" => 784744897.064658
  "mechanisms" => [
    0 => "MyAuth:invoke"
  ]
  "modified" => 784745142.85089
  "shared" => false
  "tries" => 10000
  "version" => 0
}

What does it look like after your modifications?

Ours after modification is:

{
  "class" => "rule"
  "comment" => "Used by <company> to evaluate ad hoc rules."
  "created" => 780002118.985772
  "k-of-n" => 1
  "modified" => 785095658.311386
  "rule" => [
    0 => "com.<company>.AdHoc"
    1 => "com.<company>.original.com.apple.ServiceManagement.daemons.modify"
  ]
  "version" => 0
}

@ehale I'm testing on latest macOS 26.2 beta 3. I have not seen the focus issue yet. Have you tested on that?

I'm testing on latest macOS 26.2 beta 3. I have not seen the focus issue yet.

Well, that’s promising. @ehale , I’d also be interested in hearing your experience with that beta.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Turns out I was too quick. The issue still occurs on the latest beta, unfortunately.

@DTS Engineer I've discovered more information. The process /usr/libexe/mdmclient runs every so often to check if the machine is enrolled in MDM (I believe). This process seems to invoke our security agent plugin to check the right com.apple.ServiceManagement.daemons.modifywhich is the same right we are already modifying when this happens. I have tried to return early in our security agent's invoke method if it is the mdmclient process, but that didn't seem to work. I am going to see if I can return even earlier, or, ignore it altogether.

@DTS Engineer I've discovered more information. The process /usr/libexe/mdmclient runs every so often to check if the machine is enrolled in MDM (I believe). This process seems to invoke our security agent plugin to check the right com.apple.ServiceManagement.daemons.modifywhich is the same right we are already modifying when this happens. I have tried to return early in our security agent's invoke method if it is the mdmclient process, but that didn't seem to work. I am going to see if I can return even earlier, or, ignore it altogether.

We are seeing the same thing. We can reproduce the SecurityAgent focus steal by killing the mdmclient process and making our Intune Company Portal app do a resync.

@DTS Engineer Could we please get some feedback on this? This is affecting a lot of our Mac users.

Afogh, ehale, Thanks both you for the extra info.

Have either of your filed a bug about this yet? If so, please post the bug number.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Have either of your filed a bug about this yet? If so, please post the bug number.

Yes, I have reported a bug with this number: FB20987979

Hey Guys,

any information about that? Please see the following discussion:

https://discussions.apple.com/thread/256192312?cid=em-com-apple_watches_email_thread_owner-view_the_full_discussion-en-us-11282023&sortBy=newest_first&page=1

Yes, I have reported a bug with this number: FB20987979

@DTS Engineer Any update on this? Is this being fixed?

Any update on this?

No.

If anything changes here, you’ll be notified via Feedback Assistant.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

@ehale Have you found any workarounds to the problem? Issue is still present in 26.2 RC...

@Afogh Yes, we have. If you keep "is-root" at the beginning of your list of rules (when needed), the system processes should be happier with that.

@Afogh Yes, we have. If you keep "is-root" at the beginning of your list of rules (when needed), the system processes should be happier with that.

That is really nice to hear! We are still struggling with this problem. If I may ask how does your own custom rule look like? Is that a evaluate-mechanisms where you list your plugin?

We're seeing this same behavior in our enterprise environment and have been able to isolate it to a specific mechanism in SecurityAgent's launch sequence.

Environment:

• macOS Tahoe 26.3
• MDM-managed Macs (Jamf Pro)
• Non-admin user accounts
• Admin By Request 5.2.0 (authorization plugin: AbrAuth)

What we found:

We built a lightweight detection tool using NSWorkspace activation notifications and a CGEvent tap to catch the moment focus shifts, then captured unified logs (±5 seconds around each event) filtered to the authorization subsystem, process lifecycle, and WindowServer.

The logs show a consistent chain:

1. A LaunchDaemon (mdmclient, JamfDaemon, or AssetSonar in our case) requests system.privilege.admin
2. authd evaluates the right and walks the authorization plugin chain
3. SecurityAgent spawns to host the plugin evaluation (AbrAuth:invoke)
4. SecurityAgent registers with WindowServer (SLSSetFrontProcessWithInfo with window=0)
5. Focus transfers to SecurityAgent — despite no window being displayed
6. The authorization succeeds, SecurityAgent exits, but the focus damage is done

Key detail: We also reproduced this with a minimal LaunchDaemon running as root (UID 0). The daemon requests system.privilege.admin with only kAuthorizationFlagExtendRights (flags 0x00000002) — no kAuthorizationFlagInteractionAllowed. authd grants the right immediately (SUCCESS, since the caller is root), but SecurityAgent still spawns, still registers with WindowServer, and still calls SLSSetFrontProcessWithInfo(window=0), stealing focus.

The unified logs also show SecurityAgent emitting an analytics event — com.apple.appkit.application.stoleKeyFocus — which it then drops as unused. Apple appears to have telemetry for this exact class of event.

Our question:

Is SecurityAgent expected to spawn and register with WindowServer for non-interactive authorization evaluations from root LaunchDaemons? The right is granted immediately, no UI is needed, yet SecurityAgent's AppKit initialization calls SetFrontProcess unconditionally. This seems like SecurityAgent should either (a) not spawn when no UI is required, or (b) not call SetFrontProcess when it has no window to present.

Workarounds we've confirmed:

• Admin By Request shipped a fix in v5.1.2 that avoids triggering the chain from their side
• An active ABR admin session prevents the steals (AbrAuth handles the authorization differently)
• The issue does not occur on non-MDM Macs where the user is a local admin (authd resolves the right directly without spawning SecurityAgent)