Thanks very much for creating that code snippet.
Using your code, I still get an security prompt once per login session. If I reboot and run ./test, I get: "Developer Tools Access is trying to take control of another process. Type your password to allow this." the first time. Thereafter, the tool runs successfully with no further prompt until the next reboot. (Yes, I have run the 'security add-trust ..' steps in the lldb document on my self-signed certificate). Does your test tool run without any user interaction, every time even after a fresh boot? If so I guess I must have messed up the security add-trust steps, though I have done it a couple of times now.
Even so, this is much better than my test app behaved, which simply failed every time (without sudo). Although I realised that I didn't need to get my own Authorization right and that taskgated would do it for me, I put that code in as a diagnostic aid and with hindsight it seems to have caused the problems. Once I completely removed any attempt to Authorize in my own code, taskgated seems to allow my app through, subject to that once-per-login-session security alert. So thanks for pointing that out.
Thanks,
-- Ben.
On 13 Oct 2011, at 15:16, Jean-Daniel Dupas wrote: I just try to create a simple tool that required task_for_pid, and following the lldb instruction (reboot required), it works nicely.
Note that to use task_for_pid(), you don't have to do anything like creating authorization. Just call it, and it works (if your executable is properly signed, and the plist is properly embedded in your tool).
I just tried the following snippet:
... clang -o test test.c -Wl,-sectcreate,__TEXT,__info_plist,Info.plist ./test 368 task_for_pid (os/kern) failure codesign -s lldb_codesign test ./test 368 # no error message
|