Security entitlements
Key-value pairs that grant an executable access to secure resources, or enable hardening checks.
Topics
Automation
Networking
Device access
Audio Input EntitlementCamera entitlementcom.apple.security.device.microphonecom.apple.security.device.usbcom.apple.security.printcom.apple.security.device.bluetoothcom.apple.security.smartcard
Personal information
Files and media
App Sandbox Entitlementcom.apple.security.files.user-selected.read-onlycom.apple.security.files.user-selected.read-writecom.apple.security.files.downloads.read-onlycom.apple.security.files.downloads.read-writePrivileged File Operationscom.apple.security.assets.pictures.read-onlycom.apple.security.assets.pictures.read-writecom.apple.security.assets.music.read-onlycom.apple.security.assets.music.read-writecom.apple.security.assets.movies.read-onlycom.apple.security.assets.movies.read-writeAll files entitlementData Protection Entitlement
Hardened runtime
Allow execution of JIT-compiled code entitlementAllow Unsigned Executable Memory EntitlementAllow DYLD environment variables entitlementDisable Library Validation EntitlementDisable Executable Memory Protection EntitlementDebugging tool entitlement
Hardened process
com.apple.security.hardened-processcom.apple.security.hardened-process.enhanced-security-versioncom.apple.security.hardened-process.enhanced-security-version-stringcom.apple.security.hardened-process.hardened-heapcom.apple.security.hardened-process.platform-restrictionscom.apple.security.hardened-process.platform-restrictions-stringcom.apple.security.hardened-process.dyld-ro
Hardware memory tagging
com.apple.security.hardened-process.checked-allocationscom.apple.security.hardened-process.checked-allocations.soft-modecom.apple.security.hardened-process.checked-allocations.enable-pure-datacom.apple.security.hardened-process.checked-allocations.no-tagged-receive