How do I find out what entitlements an app has?

applications mac-appstore

Sandboxed apps have to declare their entitlements. Of course, that doesn't do me any good if I can't tell what entitlements it declares. A text editor that has entitlements for Core Location, Network Server, and my Address Book, without my knowledge, could be much worse than an unsandboxed app.

How can I see what entitlements an app has?


Solution 1:

After some more searching, I found a command-line answer:

codesign -d --entitlements :- /Applications/Whatever.app/

This will print out an XML plist with values like:

<key>com.apple.security.app-sandbox</key>
<true/>
<key>com.apple.security.files.user-selected.read-write</key>
<true/>

For more information see https://developer.apple.com/library/archive/qa/qa1798/_index.html#//apple_ref/doc/uid/DTS40014167-CH1-IOS_STEPS

If anyone knows an easier/nicer way, though, I'd love to hear it.

Related

Are there any features like Winamp's auto tag exist for iTunes?
How to Screen Sharing / VNC to an iMac without waking the display?
how to avoid the "downloaded application" warning for a Standard User
Really confused about how to reset SMC and PRAM and NVRAM on my Macs and iPad and iPhone?
How to dump the content of keychain from the shell?
Is it possible to turn off the Two-Factor Authentication for an Apple ID?
MacOS High Sierra: An error occurred while verifying firmware
Make a script/app run on logout
Can I connect more than one external monitor to the late 2010 MacBook Air?
OS X is repeatedly asking for login keychain password
Mouse Pointer Locator
Disable App Update Notifications on OSX?