Entitlements: Difference between revisions

From iPhone Development Wiki
(Added a sentence to explain what entitlements are.)
No edit summary
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
Entitlements are used to grant specific privileges to a program. For example, an entitlement is required to be able to use some of [[CoreTelephony.framework]]'s calling APIs.
Entitlements are used to grant specific privileges to a program. For example, an entitlement is required to be able to use some of [[CoreTelephony.framework]]'s calling APIs.


== How to dump from binaries ==
They are verified using the [https://opensource.apple.com/source/libsecurity_codesigning/libsecurity_codesigning-55037.6/lib/SecTask.h SecTaskCopyValueForEntitlement] function from [[Security.framework]].
 
= How to dump from binaries =


Using [[ldid]] you can extract a property list containing the entitlements of a binary. To do so, you can do:
Using [[ldid]] you can extract a property list containing the entitlements of a binary. To do so, you can do:
Line 9: Line 11:
   ldid -e /System/Library/CoreServices/SpringBoard.app/SpringBoard
   ldid -e /System/Library/CoreServices/SpringBoard.app/SpringBoard


== Known entitlements ==
= Known entitlements =
 
''This section could contain a table of binaries with their respective entitlements, their types (boolean or array), iOS versions where they exist, "Used by" and "Checked by".''
''This section could contain a table of binaries with their respective entitlements, their types (boolean or array), iOS versions where they exist, "Used by" and "Checked by".''


== References ==
= External Links =


* [http://networkpx.blogspot.com/2009/06/incomplete-list-of-entitlement-keys.html KennyTM's incomplete list]
* [http://networkpx.blogspot.com/2009/06/incomplete-list-of-entitlement-keys.html KennyTM's incomplete list]
* Apple's documentation: [https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html About Entitlements] + [https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/AddingCapabilities/AddingCapabilities.html Adding Capabilities]
* Apple's documentation: [https://developer.apple.com/library/mac/documentation/Miscellaneous/Reference/EntitlementKeyReference/Chapters/AboutEntitlements.html About Entitlements] + [https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/AddingCapabilities/AddingCapabilities.html Adding Capabilities]
* [http://newosxbook.com/ent.jl OS X/iOS Entitlement Database]

Latest revision as of 14:43, 18 May 2017

Entitlements are used to grant specific privileges to a program. For example, an entitlement is required to be able to use some of CoreTelephony.framework's calling APIs.

They are verified using the SecTaskCopyValueForEntitlement function from Security.framework.

How to dump from binaries

Using ldid you can extract a property list containing the entitlements of a binary. To do so, you can do:

 ldid -e binary

For example, to dump SpringBoard's entitlements you would do:

 ldid -e /System/Library/CoreServices/SpringBoard.app/SpringBoard

Known entitlements

This section could contain a table of binaries with their respective entitlements, their types (boolean or array), iOS versions where they exist, "Used by" and "Checked by".

External Links