Entitlements are held by binaries and are used to grant specific privileges to them. For example, an entitlement is required to be able to use some of CoreTelephony.framework's calling APIs, but a different entitlement is required to be able to read and write NVRAM data.
They are verified using the SecTaskCopyValueForEntitlement [Archived 2022-08-15 at the Wayback Machine] function from Security.framework.
Entitlements were stored in XML format until iOS 15 (and equivalent operating system versions), where Apple changed to using DER-formatted entitlements inside binaries. However, using ldid, you can still specify an XML file with your entitlements for pseudo-signing a binary.
Each provisioning profile using in code-signing has its own collection of entitlements that it is allowed to grant binaries. If you try to sign a binary with entitlements that are not allowed in the provisioning profile, you will not be able to obtain a valid code signature on your binary.
How to dump from binaries
Using ldid you can extract a property list containing the entitlements of a binary. To do so, you can do:
ldid -e binary
For example, to dump SpringBoard's entitlements you would do:
ldid -e /System/Library/CoreServices/SpringBoard.app/SpringBoard
Known entitlements
![[icon]](/wiki/File:Wiki_letter_w_cropped.svg){kind=small} | This section is empty. This section could contain a table of binaries with their respective entitlements, their types (boolean or array), iOS versions where they exist, "Used by" and "Checked by". You can help by adding to it. (April 2024) |