The problem, he’d come to understand, was philosophical. Windows treated DLL injection like a backdoor key—messy but expected. macOS, however, had evolved into a fortress. (SIP) chained the gates. Hardened Runtime wrapped the executables in armor. Notarization meant Apple had to personally approve every key before it worked.
He saved his notes: “macOS injection is dead. Long live code injection via preload and entitlements.” dll injector for mac
He pivoted. Instead of injecting a raw DLL (which macOS didn’t even use—those were .dylib or .bundle files), he decided to target an unsigned, self-built app. A test dummy. He wrote a tiny payload: a dylib that, when loaded, would printf(“Injected.\n”) into the console. The problem, he’d come to understand, was philosophical
Right— task_for_pid() was locked down tighter than a bank vault. On modern macOS (12+), even with entitlements, you couldn’t just grab a task port unless the target process was complicit or you were root with SIP disabled. (SIP) chained the gates