Document hangdump known issues on macos

[Youssef1313]

---

Internal previews

📄 File	🔗 Preview link
docs/core/testing/microsoft-testing-platform-extensions-diagnostics.md	Diagnostics extensions

[Copilot]

Pull request overview

This PR documents known issues with generating hang dumps on macOS in the Microsoft Testing Platform Extensions documentation. The content addresses authentication popup issues that prevent dump generation in CI environments and provides two workarounds.

Key Changes

• Added a "Considerations for macOS" section explaining dump generation authentication issues
• Provided two workaround options: disabling UseAppHost or applying code signing with entitlements
• Included complete MSBuild target and plist configuration examples

[Copilot]

The suggested entitlements in mtp-test-entitlements.plist (com.apple.security.get-task-allow, com.apple.security.cs.debugger, com.apple.security.cs.disable-library-validation, com.apple.security.cs.allow-dyld-environment-variables, com.apple.security.cs.allow-jit) significantly weaken macOS code signing protections; if applied broadly (as later suggested via Directory.Build.targets), this can enable debugging and task access on production binaries, facilitating code injection and tampering. An attacker or unprivileged process could leverage these entitlements to attach, modify, or bypass library validation in production environments. Limit this workaround strictly to test/debug builds (e.g., add Condition="'$(Configuration)' == 'Debug' AND '$(IsTestingPlatformApplication)'=='true'"), avoid com.apple.security.get-task-allow and com.apple.security.cs.debugger for any release builds, and ensure it is not placed in Directory.Build.targets for projects that produce deployable artifacts.

[Youssef1313]

@blowdart Please take a look. The condition IsTestingPlatformApplication should limit the workaround only to test applications. Is there any security considerations to document more clearly here?