I am currently trying to debug a problem in a Java program that at some point jumps into a JNI function and never returns from it. So to debug this JNI code I want to attach LLDB. The problem is that the Java process does not have the com.apple.security.get-task-allow entitlement set, so the debugger cannot attach to the process.
Apparently one possible solution is to disable system integrity protection at boot time. As I am working on a company machine this is sadly not possible for me.
Is there a JDK version that has the required entitlement set?
I don't know if there are any pre-compiled JDK binaries with com.apple.security.get-task-allow set, but if you are willing to compile the binary from source there is a configuration option to set the entitlement: --with-macosx-codesign=debug which will attempt to perform adhoc signing to add the special entitlement com.apple.security.get-task-allow
You can read how to compile your own JDK from:
Here: How to compile the JDK from sources? at stackoverflow.com
and Here Building the JDK. at openjdk.org
if you are willing to download a bunch of JDKs, you can use codesign -d --entitlements :- /path/to/jdk/bin/java to check for the get-task-allow entitlement or codesign -dv --verbose=4 /path/to/jdk/bin/java to see if Signature=adhoc is set