Enabling Cross-Task Control on Intel

From Ben's Writing


Based on: Enabling cross-task control on intel

If you want to allow mach_inject to work again for your account, you need to add yourself to the procmod group. Another option is to enable it for all accounts on the system, by changing the security policy for task_for_pid(). Please understand that both options re-open what some consider a security risk.

Enabling mach_inject for your account

One way to do it is to execute the following command in a terminal:

sudo dscl . -append /Groups/procmod GroupMembership `id -un`

Unfortunately, group modifications are not taken into account immediately. You have to wait a minute or two before the kernel realizes you now belong to procmod (yes, memberd -r normally resets the cache, but the kernel seems to maintain its own cache). Obviously, rebooting your computer will empty the kernel cache.

To remove yourself from procmod group, use the inverse command:

sudo dscl . -delete /Groups/procmod GroupMembership `id -un`

To check who is in the procmod group, use the following command:

sudo dscl . -read /Groups/procmod GroupMembership

Enabling mach_inject for all accounts

You can do this by changing the security policy for task_for_pid():

sudo sysctl -w kern.tfp.policy=1

You can disable mach_inject again with:

sudo sysctl -w kern.tfp.policy=2
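The two checks above (who is in procmod, and what kern.tfp.policy is set to) together decide whether cross-task control is open for a given account. The script below is an added example, not part of the original page: it parses the output format of `dscl . -read /Groups/procmod GroupMembership` and the value of `kern.tfp.policy` (1 = all accounts, 2 = restricted, as the page describes) and reports a verdict per user. The function names, the sample group line and the policy values fed in are constructed so it can be run offline, without dscl or sysctl present.

```sh
#!/bin/sh
# Added audit example (not from the original page). Parses constructed
# copies of the two checks' output and reports whether task_for_pid()
# would be permitted for a user.

# Is USER listed on a "GroupMembership: ..." line as printed by
#   dscl . -read /Groups/procmod GroupMembership
# Returns 0 if present, 1 otherwise (also 1 when the key is missing,
# which is what dscl reports for an empty group).
in_procmod() {
    user=$1
    line=$2
    case $line in
        GroupMembership:*) ;;
        *) return 1 ;;
    esac
    members=${line#GroupMembership:}
    for m in $members; do            # word splitting on purpose
        [ "$m" = "$user" ] && return 0
    done
    return 1
}

# Describe a kern.tfp.policy value using the meanings given on the page.
tfp_policy_desc() {
    case $1 in
        1) echo "permissive: task_for_pid() allowed for all accounts" ;;
        2) echo "restricted: task_for_pid() limited to procmod members" ;;
        *) echo "unknown kern.tfp.policy value: $1" ;;
    esac
}

# Combined verdict for one user: POLICY is the kern.tfp.policy value,
# GROUPLINE the dscl output line.
audit_user() {
    user=$1; policy=$2; groupline=$3
    if [ "$policy" = "1" ]; then
        echo "exposed: system-wide policy"
    elif in_procmod "$user" "$groupline"; then
        echo "exposed: member of procmod"
    else
        echo "not exposed"
    fi
}

# Constructed sample output standing in for the live commands.
SAMPLE_GROUP="GroupMembership: root alice"
echo "policy 2: $(tfp_policy_desc 2)"
echo "alice: $(audit_user alice 2 "$SAMPLE_GROUP")"
echo "bob:   $(audit_user bob 2 "$SAMPLE_GROUP")"
echo "bob:   $(audit_user bob 1 "$SAMPLE_GROUP")"
```

On a real machine the constructed values would be replaced by `$(sysctl -n kern.tfp.policy)` and `$(sudo dscl . -read /Groups/procmod GroupMembership)`; the parsing is the same.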