A Boolean value that indicates whether the app is a debugger and may attach to other processes or get task ports.
- macOS 10.7+
Apps with the
Debugging Tool Entitlement can call
task to retrieve a valid task port for unsigned and third-party apps with the
Get Task Allow entitlement set to
true. However, even with the debugging tool entitlement, a debugger can’t get the task ports of processes that don’t have the
Get Task Allow entitlement, and that are therefore protected by System Integrity Protection. See the man page for
taskgated(8) for more information about getting task ports.
Xcode automatically adds the
Get Task Allow entitlement to apps that you build for debugging, while removing the entitlement before App Store submission. This enables Xcode itself to attach to and debug your app during development.
When a non-root user runs an app with the debugging tool entitlement, the system presents an authorization dialog asking for a system administrator’s credentials. If authorization succeeds, the debugger receives a 10-hour session before authorization expires.
To add this entitlement to your app, first enable the Hardened Runtime capability in Xcode, and then under Runtime Exceptions, select Debugging Tool.