DYLD_INSERT_LIBRARIES doesn't work for app signed with entitlements on Mountain Lion

Question

I notice that DYLD_INSERT_LIBRARIES no longer works in Mountion Lion if the application is codesigned with entitlements. For example:

DYLD_INSERT_LIBRARIES=./mylib.dylib /Applications/Safari.app/Contents/MacOS/Safari
  dyld: DYLD_ environment variables being ignored because main executeable is code signed with entitlements.

I know this is probably a new security feature added to Mountion Lion. Anyone knows if there is an alternative way to do similar thing on Mountain Lion? Thanks!

Answer 1

There is no way to make DYLD_INSERT_LIBRARIES work on applications of this nature.

dyld strips all DYLD_ environment variables on applications it considers to be restricted, which includes setuid/setgid binaries and those signed with particular entitlements. You can see how this work by looking at the dyld source. In particular, processRestricted is responsible for determining whether the restrictions should be applied and pruneEnvironmentVariables does the special handling of the environment variables.