PT_DENY_ATTACH certainly isn't part of any standard. It's absolutely a Darwin-specific feature, and is thus "extra code that Apple added", and they presumably did it for exactly this application. And no, other DRM-aware apps on other OSes don't do this.
Yes, but critically in Linux you can turn it off as the administrator of the system. It affects security but not inspectability. Regardless, my response was simply to the idea that Apple was "following standards" when they clearly weren't.
So... who's very confused?