site_archiver@lists.apple.com Delivered-To: Darwin-dev@lists.apple.com darwin-dev-bounces+graham.lee=sophos.com@lists.apple.com wrote on 2008-06-05 09:26:08:
Oh, when I run this with sudo, it works well. And I found this comment in /private/etc/authorization: Used by task_for_pid(...). Task_for_pid is called by programs requesting full control over another program for things like debugging or performance analysis. This authorization only applies if the requesting and target programs are run by the same user; it will never authorize access to the program of another user.
But why task_for_pid() still failed though same user? How does gdb can work without sudo? I just want to implement a tool to collect some information of my application.
http://developer.apple.com/releasenotes/Security/RN-CodeSigning/ "[…]unsigned code will not be allowed to execute the task_for_pid(3) system call unless it is running as root." Cheers, Graham. -- Graham Lee Senior Macintosh Software Engineer, Sophos Tel: 01235 540266 (Direct) Web: http://www.sophos.com Sophos - Security and Control Sophos Plc, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP, United Kingdom. Company Reg No 2096520. VAT Reg No GB 348 3873 20. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-dev mailing list (Darwin-dev@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-dev/site_archiver%40lists.appl... This email sent to site_archiver@lists.apple.com