Glossary
Task port
The Mach port that represents a process to the kernel — and that, in send-right form, grants arbitrary read/write/execute capability over that process.
A task port is a Mach port that names a task — XNU's term for the kernel-side state of a process (its address space, port namespace, and threads).
Holding a send right to a task port lets you call methods on the task: read its memory (mach_vm_read), write its memory (mach_vm_write), allocate new memory (mach_vm_allocate), change protections (mach_vm_protect), and create threads at arbitrary entry points (thread_create_running). Combined, those calls equal arbitrary code execution inside the target process.
Apple recognises this and gates the only way to get a task port for a foreign process — task_for_pid — behind multiple checks: root + same audit session, the com.apple.system-task-ports entitlement (Apple-only), the com.apple.security.cs.debugger entitlement on the caller paired with get-task-allow on the target, or an explicit TCC exception via Developer Tools.
Newer macOS releases introduce three narrower task-port variants:
task_name_port: read-only metadata (PID, audit token). No memory access. Returned by task_name_for_pid.
task_read_port: read-only memory access. Returned by task_read_for_pid. Used by vmmap, sample, Time Profiler.
task_inspect_port: read-only statistics. Returned by task_inspect_for_pid.
If your tool doesn't strictly need write access, prefer one of the narrower variants — they survive sandbox tightening and trigger fewer security alerts.
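As an added illustration of the entitlement gates on task_for_pid described above (not code from the original page or from Apple), the following audit reads entitlement plists and reports which caller/target pairs would satisfy an entitlement-based gate. The binary names and plists are constructed samples, and the root/audit-session and TCC conditions are runtime state that the sketch does not model.

```python
import plistlib
from itertools import permutations

# Entitlement keys named in the glossary entry.
SYSTEM_TASK_PORTS = "com.apple.system-task-ports"  # Apple-only according to the page
DEBUGGER = "com.apple.security.cs.debugger"
# The page writes the target entitlement as get-task-allow; macOS signatures
# usually carry it as com.apple.security.get-task-allow, so accept both.
GET_TASK_ALLOW = ("get-task-allow", "com.apple.security.get-task-allow")

def _plist(entries):
    """Build a minimal XML entitlements plist (constructed sample data)."""
    body = "".join(f"<key>{k}</key><{'true' if v else 'false'}/>"
                   for k, v in entries.items())
    return (f'<?xml version="1.0" encoding="UTF-8"?>'
            f'<plist version="1.0"><dict>{body}</dict></plist>').encode()

# Constructed samples: hypothetical binaries, not real products.
SAMPLES = {
    "DebugTool": _plist({DEBUGGER: True}),
    "DevBuildApp": _plist({"com.apple.security.get-task-allow": True,
                           "com.apple.security.app-sandbox": True}),
    "ReleaseApp": _plist({"com.apple.security.get-task-allow": False,
                          "com.apple.security.app-sandbox": True}),
}

def granted(ents, *keys):
    """An entitlement counts only when present with boolean true."""
    return any(ents.get(k) is True for k in keys)

def entitlement_gate(caller, target):
    """Name the entitlement gate this caller/target pair satisfies, or None."""
    if granted(caller, SYSTEM_TASK_PORTS):
        return SYSTEM_TASK_PORTS
    if granted(caller, DEBUGGER) and granted(target, *GET_TASK_ALLOW):
        return "debugger + get-task-allow"
    return None

def debuggable_targets(signed):
    """Binaries that opt in to being a task_for_pid target."""
    return sorted(n for n, blob in signed.items()
                  if granted(plistlib.loads(blob), *GET_TASK_ALLOW))

def audit(signed):
    """List (caller, target, gate) for every ordered pair that passes a gate."""
    ents = {name: plistlib.loads(blob) for name, blob in signed.items()}
    pairs = permutations(sorted(ents), 2)
    return [(c, t, g) for c, t in pairs
            if (g := entitlement_gate(ents[c], ents[t]))]

if __name__ == "__main__":
    for caller, target, gate in audit(SAMPLES):
        print(f"{caller} -> {target}: {gate}")
```

A release build that still appears in debuggable_targets is the finding worth acting on, since get-task-allow on the target is what lets a debugger-entitled caller through.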