Introduction

Describes a security feature that protects against unauthorized access to system locations and processes.

At a Glance

This document covers the key concepts of System Integrity Protection and explains the implications it has on the design and capabilities of apps.

System Locations Cannot Be Written To

System files can be modified only by system processes signed with Apple’s code signing identity. App processes should instead write to locations designated for third-party developers.

Relevant Chapter: File System Protections

System Processes Cannot Be Attached To

System binaries can be modified only by Apple Installer and Software Update from Apple-provided packages, and no longer permit runtime attachment or code injection.

Relevant Chapter: Runtime Protections

Kernel Extensions Must Be Signed

Kernel extensions must be signed with a Developer ID for Signing Kexts certificate.

Relevant Chapter: Kernel Extensions

System Integrity Protection Is Configured On Recovery OS

Security configuration is stored in NVRAM, and applies to the entire machine Persists across OS install. You can enable and disable System Integrity Protection by booting to Recovery OS and running the csrutil(1) command.

Relevant Chapter: Configuring System Integrity Protection

Prerequisites

Read Security Overview to understand the technologies used to make macOS secure.

For more information about kernel extensions, read the Kernel Programming Guide .