·
11 commits
to master
since this release
A continuation from the original archived next-loader project.
Added SIP values:
# Set the CSR values for Apple's System Integrity Protection (SIP) feature.
# Values are one-byte (two-character) hexadecimal numbers. These values
# define which specific security features are enabled. Below are the codes
# for what the values mean. Add them up (in hexadecimal!) to set new values.
# Apple's "csrutil enable" and "csrutil disable" commands set values of 10
# and 87F, respectively for Big Sur. Adding all values to the disable list will be set through FFF
# CSR_ALLOW_UNTRUSTED_KEXTS 0x001
# CSR_ALLOW_UNRESTRICTED_FS 0x002
# CSR_ALLOW_TASK_FOR_PID 0x004
# CSR_ALLOW_KERNEL_DEBUGGER 0x008
# CSR_ALLOW_APPLE_INTERNAL 0x010
# CSR_ALLOW_UNRESTRICTED_DTRACE 0x020
# CSR_ALLOW_UNRESTRICTED_NVRAM 0x040
# CSR_ALLOW_DEVICE_CONFIGURATION 0x080
# CSR_ALLOW_ANY_RECOVERY_OS 0x100
# CSR_ALLOW_UNAPPROVED_KEXTS 0x200
# CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE 0x400
# CSR_ALLOW_UNAUTHENTICATED_ROOT 0x800
#
#csr_values 10,87F
SIP_DISABLED
(CSR_ALLOW_UNTRUSTED_KEXTS |
CSR_ALLOW_UNRESTRICTED_FS |
CSR_ALLOW_TASK_FOR_PID |
CSR_ALLOW_APPLE_INTERNAL |
CSR_ALLOW_UNRESTRICTED_DTRACE |
CSR_ALLOW_UNRESTRICTED_NVRAM|
CSR_ALLOW_ANY_RECOVERY_OS|
CSR_ALLOW_UNAPPROVED_KEXTS|
CSR_ALLOW_EXECUTABLE_POLICY_OVERRIDE|
CSR_ALLOW_UNAUTHENTICATED_ROOT)
which are the default values for disabling SIP in Big Sur. Equivalent to:
csrutil disable
csrutil authenticated-root disable