is an entitlement, that allows other apps to get the task port of your app
if any other app runs task_for_pid() with your app process ID they'll get the task port of your app
so they can do things like for example writing and reading things on the memory
therefore being able to patch things and modify the behavior of your app
So basically as Xcode needs to touch your app's memory and work with it to debug it, you'll need to enable this for debugging
but you'll need to disable this to distribute your app or else any app would be able to get your task port
作用
The boolean value of get-task-allow determines whether Xcode's debugger can attach to the app
get-task-allow, when signed into an application, allows other processes (like the debugger) to attach to your app
是否允许别的程序去调试:当前进程=当前app=被调试的app=victim=受害者
越狱相关
If you take a look at how a jailbreak works, you'll notice one of the first things they do is get task_for_pid(mach_task_self(),0,&kernel_task); being that kernel_task is a mach_port_t with value 0, so they are able to touch the kernel's memory
As kernel entitlements do not have get_task_allow entitlement, and Apple has even removed the possibility of doing tfp0(task_for_pid 0), they need a patch