1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-22 21:01:34 -05:00

add kernel integrity protection

This commit is contained in:
kimg45 2024-08-10 20:32:01 -05:00 committed by GitHub
parent 7c7388f760
commit 626bc7ff2b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -67,7 +67,9 @@ Apple also issues revocations for notarization tickets, which these are detected
## System Integrity Protection ## System Integrity Protection
[SIP](https://support.apple.com/guide/security/system-integrity-protection-secb7ea06b49/web) protects [system files](https://support.apple.com/en-us/102149) from being changed, even by the root user. Since it's protecting your base system files, you should **never** disable it even temporarily if you want the best security. [SIP](https://support.apple.com/guide/security/system-integrity-protection-secb7ea06b49/web) protects [system files](https://support.apple.com/en-us/102149) from being changed, even by the root user. Since it's protecting your base system files, you should **never** disable it even temporarily if you want the best security.
On Apple Silicon Macs, it's combined with [Kernel Integrity Protection](https://support.apple.com/guide/security/operating-system-integrity-sec8b776536b/web#sec41bf3cd61) to protect kernel memory from being exploited.
## Secure Boot ## Secure Boot