I am currently trying to debug a problem in a Java program that at some point jumps into a JNI function and never returns from it. So to debug this JNI code I want to attach LLDB. The problem is that the Java process does not have the com.apple.security.get-task-allow entitlement set, so the debugger cannot attach to the process.
Apparently one possible solution is to disable system integrity protection at boot time. As I am working on a company machine this is sadly not possible for me.
Is there a JDK version that has the required entitlement set?
I don't know if there are any pre-compiled JDK binaries with
com.apple.security.get-task-allowset, but if you are willing to compile the binary from source there is a configuration option to set the entitlement:--with-macosx-codesign=debugwhich will attempt to perform adhoc signing to add the special entitlementcom.apple.security.get-task-allowYou can read how to compile your own JDK from:
Here: How to compile the JDK from sources? at stackoverflow.com
and Here Building the JDK. at openjdk.org
if you are willing to download a bunch of JDKs, you can use
codesign -d --entitlements :- /path/to/jdk/bin/javato check for theget-task-allowentitlement orcodesign -dv --verbose=4 /path/to/jdk/bin/javato see ifSignature=adhocis set