We write diagnostic tools. We need to be able to gain access to raw drives (i.e. stuff like /dev/rdisk0, /dev/rdisk0s1....etc) under High Sierra. Historically we've been able to do this under all previous OS releases either by using priviledge elevation or XPC. With High Sierra, this is no longer allowed...not even when done using XPC. The products are signed using our developer ID's so that's not the problem. The problems exist only when the targeted raw drive is the boot drive. Secondary drives have no problem. The problems only currently exist with SIP enabled under High Sierra. If SIP is disabled, everything works fine. We would prefer to not force someone to change SIP settings via csrutil (which would fix the problem) because they may very well forget to re-enable them.
Is there a way to work around this? Our products are designed to scan a drive or SSD for bad blocks, performance deviations, possible cable/connection problems between the media (i.e. rdisk0 etc) and the system, etc. etc.
Is there a way to do this? I assume there must be because otherwise drivers couldn't install without SIP being disabled.
Thanks in advance for any insight,
D.R.Turbo