tags:

views:

624

answers:

1
+1  Q: 

iPhone + Provisioning Profile + app-info.plist + entitlements.plist = iPhoneApp ? How ? What exactly does entitlemets.plist do ?

To execute my application in iPhone first of all I have to add provisioning profile in to my iPhone. Good. But I don't understand the reason behind adding a entitlements.plist in iphone application in xCode under resources.

  • What does that entitlements.plist file do actually ?
  • Why that .plist file have only single Boolean in it ? (get-task-allow)
  • Can't we add that Boolean variable to application-info.plist ?

I mean, I can't find the reason behind storing a single Boolean variable in separate plist file. Instead application-info.plist already contains many many application settings. Can't we just add this Boolean variable to application-info.plist.

Ok, any way. I know - it won't be possible. Because we have to follow - what apple says. But, here main intention behind all these was

  • "what is the basic need of entitlements.plist ?" or
  • "what is the functionality of entitlements.plist ?"
  • "How provisioning profile, entitlements.plist, application-info.plist & iPhone application compile all together & make verification on iPhone & execute it on iPhone ? "
+2  A: 

Entitlements is actually a security measure of iPhoneOS. Quoted from the iPhone Development Guide:

Entitlements. These files define properties that provide your application access to iPhone OS features (such as push notifications) and secure data (such as the user’s keychain).

Publicly, the only entitlement key you could use is get-task-allow, which eventually enables the ptrace() function to be used for the app, thus enabling debugging.

But there are a lot of entitlements used privately, e.g.

  • task_for_pid-allow, to allow controlling other processes (via the task_for_pid() function)
  • run-unsigned-code, to allow running code from this app without signature.
  • com.apple.springboard.launchapplications, com.apple.springboard.wipedevice, etc.

The plist will be attached to and signed alongside the binary of the app — unlike Info.plist which is not signed. If the chain of trust is not broken, this acts as an entitlement of rights to some (dangerous) actions.

KennyTM  2010-04-21 06:29:02
run-unsigned-code , com.apple.springboard.launchapplications , task_for_pid-allow - great. how did you came to know all about this ?
sugar  2010-04-21 06:32:29
@sagar: Reverse engineering. (And of course if you include any of these in the entitlement for AppStore it will be rejected.)
KennyTM  2010-04-21 06:47:46
@KennyTM - What sort of reverse engineering? I'm interested. Also, how deep is Apple's reversing ability on submitted apps? Do they really check these things? I saw a game submitted recently that crashed on launch because of a missing texture file in the app bundle. They are missing some obvious checks at the App Store.
Moshe  2010-05-17 03:33:47

related questions

How do we get arround Apple's decission to skip sms templates for iPhone?
iPhone App Crashing - Error Question
Can I write native iPhone apps using Python
Does the Iphone 1/2 have a compass inside?
How do you beta test an iphone app?
Is it just the iPhone simulator that is restricted to intel only Mac's?
iPhone App Minus App Store?
Deleting messages from Exchange IMAP mailbox on iPhone
Is there a multiplatform framework for developing iPhone / Android applications?
How can I launch the Google Maps iPhone application from within my own native application?
Tips for a successful AppStore submission?
iPhone app that access the Core Location framework over web
Virtual Mac?
What's a good machine for iPhone development?
How can I develop for iPhone using a Windows development machine?
Recommended iPhone Development Resources
Best Wiki for Mobile Users
How to programmatically send SMS on the iPhone?
iPhone - Exchange Calendars in Public Folders
iPhone web applications, templates, frameworks?
Understanding reference counting with Cocoa / Objective C
How-to articles for iPhone development, Objective-C
What are the correct pixel dimensions for an apple-touch-icon?
How do I give my web sites an icon for iPhone?
iPhone app in landscape mode