I'm don't want to give details here as it is off topic. But I can give you some hints.
To use task_for_pid, you don't need to run your tool as root. You can to it by properly signing your tool with a trusted certificate (a self signed certificate is enough as long as you install it properly in your Keychain). see man taskgated for some information. And See the instruction at "http://llvm.org/svn/llvm-project/lldb/trunk/docs/code-signing.txt"; to see how you can make it works (Keychain's bugs workaround included). The drawback will be that your tool will present you an authentication dialog at launch. Le 16 mars 2012 à 23:56, Prime Coderama a écrit : > Shouldn't the the SMJobBless example be used? Although I am still struggling > to get this to work - even have an open Apple support issue. > > On 16/03/2012, at 11:45 PM, Jean-Daniel Dupas wrote: > >> >> Le 16 mars 2012 à 13:27, Gerriet M. Denkmann a écrit : >> >>> >>> On 16 Mar 2012, at 19:17, Jean-Daniel Dupas wrote: >>> >>>> >>>> Le 16 mars 2012 à 12:33, Gerriet M. Denkmann a écrit : >>>> >>>>> I have an app which needs to do (among other things) to call >>>>> task_for_pid() which seems to work only for root. >>>>> >>>>> The modern way to do this is have a small companion tool which exchanges >>>>> info with my app via XPC. Correct? >>>>> >>>>> I am also thinking about sandboxing (just as a learning experience). Or >>>>> is root and sandboxing mutually exclusive? >>>>> >>>>> Then: how to make my companion tool run as root? >>>>> Is there a sandboxing entitlement like: com.apple.security.rootAllowed? >>>>> If not: what else to use? >>>>> >>>> >>>> The short answer is don't expect to use task_for_pid with sandboxing. This >>>> function is restricted for good reasons. >>> >>> Ok, so let's forget about sandboxing. Not very important - not aiming for >>> the Mac Store. >>>> >>>> What are you trying to do that require to get an other process mach port ? >>> Something like vmmap. >> >> So, I fear this is note the good list for such question. darwin-dev, will be >> a better place. >> >> -- Jean-Daniel >> >> >> _______________________________________________ >> >> Cocoa-dev mailing list ([email protected]) >> >> Please do not post admin requests or moderator comments to the list. >> Contact the moderators at cocoa-dev-admins(at)lists.apple.com >> >> Help/Unsubscribe/Update your Subscription: >> https://lists.apple.com/mailman/options/cocoa-dev/prime.coderama%40gmail.com >> >> This email sent to [email protected] > -- Jean-Daniel _______________________________________________ Cocoa-dev mailing list ([email protected]) Please do not post admin requests or moderator comments to the list. Contact the moderators at cocoa-dev-admins(at)lists.apple.com Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com This email sent to [email protected]
