Key | Type | Used by | Checked by | Notes |
---|---|---|---|---|
com.apple.springboard.debugapplications | boolean | gdb gdbserver | SpringBoard: _SBXXCancelWatchdogAssertionForProcess _SBXXRenewWatchdogAssertionForProcess _SBXXAddWatchdogAssertionForProcess _SBXXLaunchApplicationForDebugging | |
com.apple.springboard.launchapplications | boolean | iapd Cydia.app Preferences.app Web.app | SpringBoard: _SBXXLaunchApplicationWithIdentifier | |
com.apple.springboard.opensensitiveurl | boolean | CoreLocation.framework dataaccessd ManagedConfiguration.framework AppStore.app MobileAddressBook.app MobileMail.app MobileMusicPlayer.app MobileSafari.app MobileStore.app Preferences.app locationd | SpringBoard: _SBXXOpenSensitiveURL | |
com.apple.springboard.wipedevice | boolean | dataaccessd Preferences.app | SpringBoard: _SBXXDataReset | |
com.apple.springboard.setnowplayinginformation | boolean | YouTube.framework MobileMail.app MobileSafari.app YouTube.app | ? | |
com.apple.springboard.activateawayviewplugins | boolean | SpringBoard: _SBXXEnableLockScreenBundle | ||
com.apple.remotenotification.server.preferences | boolean | Preferences.app | SpringBoard: _SBRNSetBundleIdentifierTypes | |
get-task-allow | boolean | gdb gdbserver | ? | The only documented entitlement key, means "Can be debugged". |
task_for_pid-allow | boolean | ReportCrash ps gdb gdbserver | kernel | |
keychain-access-groups | array of strings | Too many | ? | Everyone uses it has the value (apple). |
application-identifier | string | Too many | ? | The content may not be the same as the bundle ID. For example, the application-identifier for AppStore apps will be (10 random characters).(bundle ID) |
allow-obliterate-device | boolean | SpringBoard | ? | |
seatbelt-profiles | array of strings | MobileMail.app MobileSafari.app Web.app | kernel? | |
modify-anchor-certificates | boolean | Preferences.app | ? |
The entitlement of a task can be obtained using the undocumented SecTask*** functions. Because of this, a library can define a set of entitlement keys other applications using it must follow.
No comments:
Post a Comment