How to enable specific part of System Integrity Protection(SIP) while keeping few sections of it disabled.

macOS SIP supports a set of hidden options to disable few sections of SIP by passing hidden options to csrutil tool.

Each of these can be selectively disabled by running one of the following commands while booted into Recovery mode:

csrutil enable --no-internal
csrutil enable --without kext
csrutil enable --without fs
csrutil enable --without debug
csrutil enable --without dtrace
csrutil enable --without nvram

You can disable two or more components by structuring the command as follows:

csrutil enable --without kext --without debug

How to disable /enable to SIP , refer to http://anandmpandit.blogspot.in/2015/11/how-to-disable-system-integrity.html.

Note : These options are tested on macOS ElCapitan , on higher version of macOS some or all of them may not work.

Comments

How to extract signing certificates from macOS binary files

Code signing is a macOS security technology that you use to certify that an app was created by you. Once an app is signed, the system can detect any change to the app—whether the change is introduced accidentally or by malicious code. As Apple Developer site says ( click here for more details on code signing) : code signing allows the operating system to: Ensure that a piece of code has not been altered since it was signed. The system can detect even the smallest change, whether it was intentional (by a malicious attacker, for example) or accidental (as when a file gets corrupted). When a code signature is intact, the system can be sure the code is as the signer intended. Identify code as coming from a specific source (a developer or signer). The code signature includes cryptographic information that unambiguously points to a particular author. Determine whether code is trustworthy for a specific purpose. Among other things, a developer can use a ...

How to find firmware or boot ROM version in Mac OS X

Firmware and boot ROM version of your mac can be found in two ways. Way 1 : 1. From "Apple" menu , choose "About This Mac" menu item. 2. Click " More Info " to open "System Profiler" application. 3. Under Contents -> Select Hardware Tree item. On the right side panel Under hardware overview section, we can see Boot ROM Version and SMC (Firmware) Version. Way 2 : Run the below command in terminal to get boot ROM version and SMC(firmware) version : $ system_profiler SPHardwareDataType | grep -i "Version" | awk -F ':' '{print $1 $2}'

How to get a certificate fingerprint as SHA-256, SHA-1 or MD5 using OpenSSL on mac

As per my old post ( http://anandmpandit.blogspot.in/2016/11/how-to-extract-signing-certificates.html ) , we can extract the binary signing certificates on mac using codesign tool. If you needed to get fingerprint details of the certificate in MD5, SHA1 or SHA256 format then you have run below steps on the extracted certificate file on macOS. SHA256: SHA256 Fingerprint=D3:0A:32:6C:77:77:93:B5:45:20:AC:C0:D4:7E:3A:84:34:50:96:54:08:7F:7D:63:4C:3E:06:3B:E8:1F:C1:90 SHA1: SHA1 Fingerprint=BF:2C:93:1F:BD:88:E5:4C:96:D8:86:D5:F1:E6:9B:B7:DE:76:51:62 MD5: MD5 Fingerprint=3C:A3:3B:76:6D:AE:3F:4B:4E:B2:AA:66:97:55:B8:76

Anand Pandit's Blog

Search This Blog