个人整理的一些iOS Entitlements

0xBBC · 2014 年12 月 24 日 06:24

收集了不少Entitlement，当然也肯定有遗漏。有的就是key的字面意思，就不多做解释。
不过有的虽然字面意思好理解，不过具体的用处不太清楚，就写的Unknown use。
在替换entitlement的时候，只换上自己所需要的权限就行。
原文在此。

CanInheritApplicationStateFromOtherProcesses

Unknown use.

DataProtectionClass
NSFileProtectionComplete
Unknown use.

SBStarkCapable

Unknown use.

allow-obliterate-device

aps-connection-initiate

Unknown use.

backupd-connection-initiate

checklessPersistentURLTranslation

com.apple.AutoWake-write-access

Unknown use.

com.apple.CommCenter.fine-grained

spi
phone
identity
sms
data-usage
data-allowed
data-allowed-write

com.apple.CoreRoutine.LocationOfInterest

com.apple.QuartzCore.displayable-context

com.apple.QuartzCore.global-capture

com.apple.QuartzCore.secure-mode

有时候截屏需要签上以上这三个QuartzCore。

com.apple.SystemConfiguration.SCDynamicStore-write-access

com.apple.SystemConfiguration.SCPreferences-write-access

com.apple.radios.plist

应该是写Wi-Fi相关的配置时需要签上。

com.apple.UIKit.vends-view-services

Unknown use.

com.apple.accounts.appleaccount.fullaccess

com.apple.accounts.appleidauthentication.defaultaccess

com.apple.accounts.facebook.defaultaccess

com.apple.assistant.contextprovider

com.apple.avfoundation.allow-still-image-capture-shutter-sound-manipulation

com.apple.backboard.client

com.apple.backboardd.launchapplications

com.apple.bulletinboard.serverconduit

com.apple.bulletinboard.utilities

Unknown use.

com.apple.cards.all-access

Unknown use.

com.apple.ci

Unknown use.

com.apple.coreaudio.allow-amr-decode

com.apple.coreaudio.allow-opus-codec

com.apple.coreduetd.allow

com.apple.coremedia.allow-mpeg4streaming

com.apple.coremedia.allow-preview-encrypted-tone-playback

com.apple.coremedia.allow-protected-content-playback

com.apple.coretelephony.Identity.get

com.apple.developer.extension-host.photo-editing

com.apple.developer.game-center

Account
Scores
Achievements
Challenges
Multiplayer
TurnBasedMultiplayer

com.apple.developer.healthkit

访问Health数据

com.apple.developer.icloud-container-environment
Development

com.apple.developer.pass-type-identifiers

*.pass.com.apple.itunes.storecredit

com.apple.developer.ubiquity-container-identifiers

com.apple.shoebox

com.apple.excludes-extensions

com.apple.icloud.findmydeviced.access

com.apple.imagent.av

com.apple.ios.StoreKit.compose-review

com.apple.itunesstored.private

com.apple.keystore.device

com.apple.keystore.device.verify

com.apple.launchservices.receivereferrerrurl

com.apple.locationd.effective_bundle

com.apple.locationd.prompt_behavior

com.apple.locationd.usage_oracle

Unknown use.

com.apple.mediastream.mstreamd-access

com.apple.messages.supportsattachments

com.apple.mobilemail.mailservices

com.apple.nfcd.ce

Unknown use.

com.apple.nfcd.info

Unknown use.

com.apple.notificationcenter.widgetcontrollerhascontent

com.apple.photos.bourgeoisie

com.apple.private.CoreAuthentication.CallerPID

com.apple.private.CoreAuthentication.SPI

com.apple.private.MobileGestalt.AllowedProtectedKeys

EthernetMacAddress
WifiAddressData
WifiAddress
UniqueDeviceID

com.apple.private.accounts.allaccounts

com.apple.private.accounts.authdialoghost

com.apple.private.accounts.bypassguestmoderestrictions

com.apple.private.accounts.customaccesssinfo

com.apple.private.allow-explicit-graphics-priority

com.apple.private.appleaccount.app-hidden-from-icloud-settings

com.apple.private.assetsd.nebulad.access
camera
com.apple.private.bmk.allow

com.apple.private.calendar.allow-suggestions

com.apple.private.communicationsfilter

com.apple.private.corerecents

com.apple.private.game-center

Account
Authenticate
Profile
Friends
Games
Scores
Achievements
Challenges
Multiplayer
TurnBasedMultiplayer
GameStats

com.apple.private.healthkit

com.apple.private.healthkit.authorization_bypass

com.apple.private.healthkit.authorization_manager

com.apple.private.healthkit.medicaliddata

com.apple.private.healthkit.preferred_source

com.apple.private.iad.background-client

com.apple.private.iad.privileged-client

com.apple.private.icfcallserver

com.apple.private.ids.idquery-cache

Unknown use.

com.apple.private.ids.registration-reset

com.apple.private.imavcore.imavagent

com.apple.private.imcore.imremoteurlconnection

com.apple.private.lockdown.finegrained-get

NULL/ActivationPrivateKey
NULL/DeviceCertificate

com.apple.private.mobileinstall.allowedSPI

CheckCapabilitiesMatch
InstallForLaunchServices
UninstallForLaunchServices

com.apple.private.network.socket-delegate

com.apple.private.security.container-required

com.apple.private.social.facebook.like

com.apple.private.suggestions

com.apple.private.tcc.allow

kTCCServiceAddressBook
kTCCServiceCamera
kTCCServiceMicrophone
kTCCServiceReminders
kTCCServicePhotos
kTCCServiceCalendar

com.apple.private.tcc.allow.overridable

kTCCServicePhotos
kTCCServiceAddressBook
kTCCServiceCalendar

com.apple.private.xpc.launchd.app-server

com.apple.security.exception.files.absolute-path.read-write

/PATH/TO/THE/FILE/YOU/WANT/TO/READ/WRITE

com.apple.security.exception.iokit-user-client-class

RootDomainUserClient

com.apple.security.exception.mach-lookup.global-name

com.apple.assetsd.nebulad
com.apple.accountsd.oopa
com.apple.telephonyutilities.callservicesdaemon
com.apple.routined.registration

com.apple.seld.cm

com.apple.sh

com.apple.springboard.activateRemoteAlert

com.apple.springboard.activateawayviewplugins

com.apple.springboard.allowallcallurls

com.apple.springboard.appbackgroundstyle
YES
com.apple.springboard.debugapplications

com.apple.springboard.opensensitiveurl

com.apple.springboard.openurlinbackground

com.apple.springboard.openurlswhenlocked

com.apple.springboard.stark.activateRemoteAlert

com.apple.videoconference.allow-conferencing

com.apple.visualvoicemail.client

com.apple.wifi.manager-access

dynamic-codesigning

get-task-allow

keychain-access-groups

apple
com.apple.airplay
com.apple.youtube.credentials
com.apple.PassbookUIService
com.apple.videouploadplugins.credentials

platform-application

proc_info-allow

run-unsigned-code

seatbelt-profiles

MobileSlideShow
MobileCal
MailCompositionService

task_for_pid-allow

zoom · 2014 年12 月 24 日 10:14

好厉害，学习了，请问楼主，如果我想读取手机的序列号，或udid的话，需要签哪一个，之前没签，一读就crash

noisywolf · 2014 年12 月 25 日 09:34

我猜是这个
com.apple.private.MobileGestalt.AllowedProtectedKeys

EthernetMacAddress
WifiAddressData
WifiAddress
UniqueDeviceID

noisywolf · 2014 年12 月 25 日 09:36

你用什么方法读UDID

aspireios · 2014 年12 月 25 日 14:14

ldid -e /xxxxxxx/springboard 可以签出springboard所有的entitlements 同理也可以这样签出其他mach－o的entitlements －e后面跟mach-o的路径

0xBBC · 2014 年12 月 26 日 08:25

I got those from raw file system directly.