It’s hard to say what’s going on here. Library validation prevents your app from importing external frameworks like this (documented in the
codesign
man page page), but you’ve already disabled that. I have two theories:
Your attempt to disable library validation failed for some reason. How did you confirm that it’s actually off? (A)
There’s some other hardened runtime flag that’s preventing your framework from loading (B).
To test A, enable the hardened runtime, disable library validation, remove your import, and run your program. It should launch just fine. Then run
codesign
against your
pid. This will tell you whether your library validation change ‘stuck’.
For example, here’s what you see when using the hardened runtime with no exceptions:
$ codesign -d -v --entitlements :- `pgrep test`
…
CodeDirectory v=20500 size=429 flags=0x10000(runtime) hashes=4+5 location=embedded
…
<plist version="1.0">
<dict>
<key>com.apple.security.get-task-allow</key>
<true/>
</dict>
</plist>
And here’s what you see when you disable library validation:
$ codesign -d -v --entitlements :- `pgrep test`
…
CodeDirectory v=20500 size=429 flags=0x10000(runtime) hashes=4+5 location=embedded
…
<dict>
<key>com.apple.security.cs.disable-library-validation</key>
<true/>
<key>com.apple.security.get-task-allow</key>
<true/>
</dict>
</plist>
To investigate B, disable all of the hardened runtime checks (these are listed in the Runtime Exceptions section of Xcode’s Capabilities editor) and see if you app works. If it does, selective re-enable them to see where it stops working.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"