Why can't I write to /Library/SystemExtensions?

The folder doesn't appear to be SIP protected / restricted. But when I run

sudo touch /Library/SystemExtensions/testing123

It fails. Clearly there's a protection I'm unaware of but can't figure it out. If it's not SIP, not TCC (FDA), then what could it be? This is not for an app, I'm just trying to understand macOS and this is a gap in my understanding.

Replies

> This is not for an app, I'm just trying to understand macOS

This is one of the many flavours of MAC. See my On File System Permissions post.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Thank you for the reply, eskimo. So is it a data vault? It can't be TCC since FDA is enabled for the terminal process on my Mac. Which would make sense since disabling SIP enables me to create files in that folder.

So to confirm, the only way to write to this directory is by disabling SIP?

> So is it a data vault?

*shrug*

It’s probably not a data vault in the technical sense [1] but it’s along similar lines: An area of the file system where access is restricted based on entitlements.

> the only way to write to this directory is by disabling SIP?

Or by not booting from that volume. I generally avoid disabling SIP so if I need to monkey around inside entitlement-protected areas of the file system I typically do that from recovery mode.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

[1] As my post says, data vaults aren’t a third-party opportunity so their definition is kinda fuzzy.