launchdaemon
launchdaemon
/ sip_config.py
Created
July 25, 2023 15:09
— forked from pudquick/sip_config.py
Querying active SIP status directly from the kernel, bypassing nvram and csrutil, via python on macOS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # An overly complicated SIP config checker | |
| # This is a technically interesting implementation because it does not rely on csrutil | |
| # Instead it queries the kernel directly for the current configuration status | |
| # This means, for example, in environments where SIP has been disabled and csrutil has | |
| # been removed or modified (say, with DYLD_LIBRARY_PATH), as long as python can run you | |
| # can still check status | |
| # Additionally, checking the nvram csr-active-config setting isn't accurate now with | |
| # 10.12.2+, since running "sudo csrutil clear" deletes the variable until reboot, |