Property List Key
Allow DYLD Environment Variables Entitlement
A Boolean value that indicates whether the app may be affected by dynamic linker environment variables, which you can use to inject code into your app’s process.
Details
- Key
- com.apple.security.cs.allow-dyld-environment-variables
- Type
boolean
Discussion
If your app relies on dynamic linker variables to modify its behavior at runtime, add the Allow DYLD Environment Variables Entitlement
to your app. This causes the macOS dynamic linker (dyld
) to read from environment variables that begin with DLYD_
. See the dyld
man page for a list of these variables.
Injecting libraries or changing search paths with this feature may still require another entitlement. For example, you also need the Disable Library Validation Entitlement
if an injected library isn’t signed with the expected team ID.
To add the entitlement to your app, first enable the Hardened Runtime capability in Xcode, and then under Runtime Exceptions, select Allow DYLD Environment Variables.
See Also
Hardened Runtime
Apple Events EntitlementA Boolean value that indicates whether the app may prompt the user for permission to send Apple Events to other apps.
Key: com.apple.security.automation.apple-events
Allow Unsigned Executable Memory EntitlementA Boolean value that indicates whether the app may create writable and executable memory without the restrictions imposed by using the MAP_JIT
flag.
Key: com.apple.security.cs.allow-unsigned-executable-memory
Debugging Tool EntitlementA Boolean value that indicates whether the app is a debugger and may attach to other processes or get task ports.
Key: com.apple.security.cs.debugger
Disable Library Validation EntitlementA Boolean value that indicates whether the app may load arbitrary plug-ins or frameworks, without requiring code signing.
Key: com.apple.security.cs.disable-library-validation
Audio Input EntitlementA Boolean value that indicates whether the app may record audio using the built-in microphone and access audio input using Core Audio.
Key: com.apple.security.device.audio-input
Photos Library EntitlementA Boolean value that indicates whether the app may have read-write access to the user's Photos library.
Key: com.apple.security.personal-information.photos-library