System Integrity Protection

GPTKB entity

Statements (28)
Predicate Object
gptkbp:instanceOf gptkb:security
gptkbp:abbreviation gptkb:SIP
gptkbp:appliesTo gptkb:macOS
gptkbp:canBeDisabled yes
gptkbp:configuration Recovery Mode
csrutil disable
csrutil enable
gptkbp:disabledUsing gptkb:csrutil
gptkbp:enforcedBy kernel extension
https://www.w3.org/2000/01/rdf-schema#label System Integrity Protection
gptkbp:introduced gptkb:Apple_Inc.
gptkbp:introducedIn gptkb:OS_X_10.11
gptkb:OS_X_El_Capitan
gptkbp:prevention injection of code into system processes
modification of Apple pre-installed apps
modification of system files by root user
gptkbp:protectedBy /System directory
/bin directory
/sbin directory
/usr directory (except /usr/local)
system apps and processes
system integrity
gptkbp:purpose protect system files and processes
gptkbp:relatedTo macOS security
rootless security model
gptkbp:status enabled
gptkbp:bfsParent gptkb:macOS
gptkbp:bfsLayer 5