There are two separate layers people often confuse:
1) Having the task_for_pid entitlement
2) Being allowed to obtain a task port for a target process
AMFI and the kernel enforce the second one.
Even if your binary has the entitlement, the kernel will still refuse task_for_pid() for many targets (Apple platform binaries, hardened runtime processes, protected tasks, etc.). In those cases the call simply fails.
Older blog posts and guides often mention disabling AMFI with a boot argument like:
amfi_get_out_of_my_way=1
(also seen as amfi=0x80)
Historically that worked because AMFI behavior could be weakened via NVRAM boot arguments. The flag effectively disabled entitlement validation and allowed processes to obtain otherwise restricted capabilities. That advice is now largely outdated on Apple Silicon.
On modern M-series Macs the boot chain is tied into Secure Boot and the Secure Enclave. The kernel image, boot policy, and security configuration are verified during boot, and the system enforces what boot arguments are allowed to affect security policy.
In practice this means:
• You cannot freely change security-sensitive boot args from a normal system.
• Boot policy is enforced by the secure boot chain.
• Root does not get to override it.
Changing these policies requires booting into Recovery and modifying the machine’s security mode (Reduced Security). Even then, many AMFI protections remain active.
So the old “just set amfi_get_out_of_my_way and reboot” trick that worked on older Intel systems does not translate cleanly to Apple Silicon machines.
As a result, signing a tool with task_for_pid does not magically give you the ability to attach to arbitrary system processes on modern macOS. Without weakening the system’s boot security policy or patching the kernel, AMFI-protected processes remain non-attachable by design.
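To see the two layers separately in practice, here is an added example (my own code, not from the thread): a small C probe that asks the kernel for a target's task port and reports which layer said no. It assumes macOS with the binary code-signed with the task_for_pid entitlement the thread mentions; on any other OS there is no Mach call to make, so the probe only reports failure.

```c
/* Added example (not from the thread): ask the kernel for a target's task
 * port. Build and sign on macOS; elsewhere there is no Mach call to make. */
#include <stdio.h>
#include <stdlib.h>
#ifdef __APPLE__
#include <mach/mach.h>
#else /* non-macOS fallback so the file still compiles: no Mach kernel to ask */
typedef int kern_return_t; typedef unsigned int mach_port_t;
enum { KERN_SUCCESS = 0, KERN_FAILURE = 5 };
#endif

/* Layer 2: the kernel decides. *out_port is valid only on KERN_SUCCESS. */
kern_return_t probe_task_port(int pid, mach_port_t *out_port)
{
#ifdef __APPLE__
    mach_port_t task = MACH_PORT_NULL;
    kern_return_t kr = task_for_pid(mach_task_self(), pid, &task);
    if (kr == KERN_SUCCESS)
        *out_port = task;
    return kr;
#else
    (void)pid;
    *out_port = 0;
    return KERN_FAILURE;
#endif
}

/* KERN_FAILURE is what comes back when AMFI/kernel policy refuses the target,
 * whether or not the caller carries a task_for_pid entitlement (layer 1). */
const char *explain_result(kern_return_t kr)
{
    if (kr == KERN_SUCCESS)
        return "task port granted: entitlement present and target allowed";
    if (kr == KERN_FAILURE)
        return "refused by kernel policy: the entitlement alone is not enough";
    return "other error";
}

int main(int argc, char **argv)
{
    int pid = argc > 1 ? atoi(argv[1]) : 1; /* default: launchd, always protected */
    mach_port_t port = 0;
    kern_return_t kr = probe_task_port(pid, &port);
    printf("pid %d: %s (kern_return_t=%d)\n", pid, explain_result(kr), kr);
#ifdef __APPLE__
    if (kr == KERN_SUCCESS)
        mach_port_deallocate(mach_task_self(), port); /* drop the send right */
#endif
    return kr == KERN_SUCCESS ? 0 : 1;
}
```

Run it against a platform binary such as launchd and the entitlement's presence changes nothing: the kernel answers KERN_FAILURE, which is the second layer the thread describes.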
There would be indirection somewhere, but that could be high up the code tree, so zero impact on downstream performance-sensitive code.
Native devs: what are your go-to quality of life improvements?
They ship with an existing library of components, you drag and drop them onto a blank canvas, move them around, live preview how they’ll change at different screen sizes, etc… then switch to the code to wire up all the event handlers etc.
All the iteration on design happens before you start compiling, let alone running.
Most video game teams are < 30% programmers.
We often use dynamic/scripting languages to improve iteration on gameplay code, even if a lot of the fundamental underlying code is native. And we add dev-time hot reloading wherever we can, so when you change a texture, it reloads ≈immediately without needing to so much as restart the level. We exile as much as we can to tables and other structured data formats which can easily be tweaked and verified by non-coders so we're not a bottleneck for the game designers and artists who want to tweak things, and make that stuff hot-reloadable if possible as well.
We also often have in-house build server farms full of testing code, because it's such a pain in the ass to iterate with anything dynamic. After all, games are huge, and sufficient testing to make sure all your uncompiled, unanalyzed, typecheckless code works is basically impossible - things are constantly breaking as committed during active development, and a decent amount of engineering work is frequently dedicated to such simple tasks as triaging, collecting, and assigning bugs and crash reports such that whoever broke it knows they need to fix it, as well as allowing devs and designers to work from previous "known good" commits and builds so they aren't blocked/unable to work on their work - which means internal QA helping identify what's actually "known good", hosting and distributing multiple build versions internally such that people don't have to rebuild the universe themselves (because that's several hours of build time), etc.
Some crazy people invest in hot-reloadable native code. There's all kinds of limits on what kinds of changes you can make in such a scenario, but it's entirely possible to build a toolchain where you save a .cpp file, and your build tooling automatically kicks off a rebuild of the affected module(s), triggering a hot reload of the appropriate .dll, causing your new behavior to be picked up without restarting your game process. Which probably means it'll immediately crash due to a null pointer dereference or somesuch because some new initialization code was never triggered by the hot reloading, but hey, at least it theoretically works!
And, of course, nothing is stopping you from creating isolated sandboxes/examples/test cases where you skip all the menuing, compiling unrelated modules, etc. and iterating in that faster context instead of the cumbersome monolith for most of your work.
Re: GUIs in statically typed languages: As you might expect, folks typically use a library. See Unreal Engine, raylib, Godot, Qt, etc. Sans that, any sort of 2D graphics library can get the job done with a little work.
You might also take a look at SwiftUI if you have an Apple device.
While imgui is super-cool, this is wildly overstating its reach or significance. It also embodies a very particular style of GUI programming (so-called "immediate mode", hence the "Im" part of the name) that is very well suited to some sorts of GUI applications and less so for others. The other style, often called "deferred mode", is the one used by most native toolkits, and it is very far from trivial to just switch an application between the two.
So, while there are plenty of good reasons to consider imgui for a graphical application, there are also many reasons why you would not want to use it too. It is very far from "standard" in terms of prototyping such apps.