What Happens When You Disable System Integrity Protection?

Question

Level 1

72 points

What Happens When You Disable System Integrity Protection?

Wondering where this "disabling" actually takes place. You need to boot into recovery mode, that I understand, and what actually happens when you disable SIP I also understand, but where does this "disabling" take place?

Even though you are in recovery mode, by disabling SIP is the changes made to the actual OS (in my case Mojave), or is the change made to some hidden boot system that's not part of the OS and only Apple has access to? And, if you disable SIP (or make other changes) via the Terminal while in recovery mode, and then you do a clean install of Mojave, are all those changes wiped out?

Thanks!

iMac Line (2012 and Later)

Posted on Dec 7, 2018 7:36 PM

Reply

Answer 1

Kappy

Level 10

362,007 points

Dec 7, 2018 7:43 PM in response to MargeHomer

Disable System Integrity Protection (SIP) - Rootless In OS X El Capitan - How To

When the SIP is disabled you will be able to access files and folders that are protected from user access. Re-enabling the SIP does not affect changes made while it was enabled.

Reply

Answer 2

dialabrain

Level 10

135,851 points

Dec 8, 2018 4:11 AM in response to MargeHomer

Without knowing exactly what you typed or what the messages were, it's difficult to say with 100% certainty. However, if you had a typo most likely all you had was a syntax error which wouldn't affect anything. I think it's safe to assume a clean install was more than adequate.

Reply

Answer 3

Eau Rouge

Level 8

42,656 points

Dec 8, 2018 4:09 AM in response to MargeHomer

When you do a clean install it will revert everything back to 'normal' so anything you may have done wrong in Terminal will be cancelled out.

Reply

Answer 4

Barney-15E

Level 10

122,126 points

Dec 7, 2018 8:47 PM in response to MargeHomer

There are several ways that SIP protects the file system. There are lists maintained in files, there are extended attributes attached to files and folders, and likely other ways that the OS annotates that a file/folder should be protected.

With SIP enabled, even the root user cannot manipulate the protected files.

With SIP disabled, the root user can alter anything at all.

Before SIP, the root user could alter anything. After SIP, Apple protected certain things so that even root could not change.

Reply

Answer 5

MargeHomer Author

Level 1

72 points

Dec 8, 2018 3:52 AM in response to MargeHomer

I guess I should have been more clear on my concern. I think when I did change the SIP setting via recovery/terminal I may have screwed up the spelling when I enabled SIP with "csrutil enable" and rather than the normal one line response I ended up getting about a dozen lines of text. So, just to be safe, I booted up again in recovery mode, erased the HD with Disk Utility and did a "clean install" of Mojave. So my question would have been better stated "when you do a clean install of the operating system, are any possible screw up you may have made in terminal wiped out?" Thanks again.

Reply

What Happens When You Disable System Integrity Protection?

Similar questions