Security Subsystem · Signing, sandbox, SIP, SEP
Code signing, sandbox profiles, System Integrity Protection, TCC, the Sealed System Volume, and the Secure Enclave: the layered policies that keep an Apple device trustworthy.
macOS security stack

Six layered enforcement systems, code signing, AMFI, entitlements, sandbox, SIP and TCC, together decide what a process can do on a Mac. The Secure Enclave sits to the side as the root of trust for keys.

Launch path, as drawn top to bottom from exec(2); each layer can deny:
  1. Code signing: are the page hashes intact?
  2. AMFI: is this code allowed to load?
  3. Entitlements: what has been granted?
  4. Sandbox: does the profile say yes?
  5. SIP: does the kernel say yes?
  6. TCC: has the user consented?
All pass: the process runs.

Trust anchor: Secure Enclave (SEP). A separate ARM core running its own OS (SEPOS) that holds:
  · the device UID, fused at manufacture
  · Touch ID / Face ID biometric secrets
  · the FileVault key, wrapped by the user password
  · attestation keys for Apple Pay, App Attest and DeviceCheck
The arrow from the SEP into the stack marks it as the root of trust for the keys the layers above rely on.

Reading the diagram: each layer can refuse independently, and a binary that survives all of them runs. A hole in any one layer is usually plugged by the next: defence in depth. TCC is the only layer the user sees; the others are invisible until something is refused. The order is the one the diagram draws; in practice code signing and AMFI decide whether the code may execute at all, while the sandbox, SIP and TCC keep gating individual operations (file opens, device access, protected paths) for the life of the process, so a refusal can surface long after launch.

Where to look: AppleMobileFileIntegrity.kext · Sandbox.kext · /System/Library/Sandbox/Profiles · TCC.db · csrutil

Security: structure at a glance.
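The diagram lists six verdicts but gives no way to read them off a real binary. The script below is an added example, not code from the page or from Apple: it walks one binary through the layers using the outputs of the documented macOS tools (codesign(1) for signature flags and entitlements, csrutil(1) for SIP) and the `access` table of TCC.db. Every function takes text or rows rather than calling the tools itself, so the audit runs offline on the constructed samples at the bottom and live on a Mac via `live_audit`. The `auth_value` encoding assumed for TCC (0 denied, 2 allowed, 3 limited) and the `:-` form of `--entitlements` are assumptions to verify on your OS version; the bundle id, team id and TCC rows are constructed, not captured.

```python
"""Walk one binary through the layers in the diagram above (added example).

Assumes the standard macOS tools codesign(1) and csrutil(1), and the TCC.db
`access` table layout (service, client, client_type, auth_value). The
auth_value encoding below is an assumption; check it on your macOS version.
"""
import plistlib
import re
import sqlite3
import subprocess

SANDBOX_ENT = "com.apple.security.app-sandbox"
TCC_AUTH = {0: "denied", 1: "unknown", 2: "allowed", 3: "limited"}  # assumed encoding


def signature_info(codesign_text):
    """Layers 1-2 (code signing, AMFI): flags and signer chain from `codesign -dvv` output."""
    info = {"signed": "not signed at all" not in codesign_text,
            "flags": set(), "authority": [], "team": None}
    m = re.search(r"flags=0x[0-9a-fA-F]+\(([^)]*)\)", codesign_text)
    if m:  # e.g. flags=0x10000(runtime) or flags=0x2200(kill,library-validation)
        info["flags"] = {f for f in m.group(1).split(",") if f and f != "none"}
    info["authority"] = re.findall(r"^Authority=(.+)$", codesign_text, re.M)
    m = re.search(r"^TeamIdentifier=(.+)$", codesign_text, re.M)
    if m and m.group(1) != "not set":
        info["team"] = m.group(1)
    return info


def entitlements(xml_text):
    """Layer 3: entitlement dict from the XML plist `codesign -d --entitlements :-` prints."""
    if not xml_text.strip():
        return {}
    return plistlib.loads(xml_text.encode())


def sip_enabled(csrutil_text):
    """Layer 5: parse `csrutil status`; None if the status line is missing."""
    m = re.search(r"System Integrity Protection status: (enabled|disabled)", csrutil_text)
    return None if m is None else m.group(1) == "enabled"


def tcc_grants(rows, client):
    """Layer 6: query an `access` table (loaded into memory here) for one client."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE access(service TEXT, client TEXT, client_type INTEGER, auth_value INTEGER)")
    db.executemany("INSERT INTO access VALUES (?,?,?,?)", rows)
    cur = db.execute("SELECT service, auth_value FROM access WHERE client=?", (client,))
    return {svc: TCC_AUTH.get(v, "?") for svc, v in cur}


def audit(codesign_text, ent_xml, csrutil_text, tcc_rows, client):
    """One verdict per layer, in the order the diagram checks them."""
    sig = signature_info(codesign_text)
    ents = entitlements(ent_xml)
    amfi = "hardened runtime" if "runtime" in sig["flags"] else "no hardened runtime"
    if "library-validation" in sig["flags"]:
        amfi += ", library validation"
    return {
        "code_signing": "ok" if sig["signed"] else "deny",
        "amfi": amfi,
        "entitlements": sorted(ents),
        "sandbox": "sandboxed" if ents.get(SANDBOX_ENT) is True else "not sandboxed",
        "sip": {True: "enabled", False: "DISABLED", None: "unknown"}[sip_enabled(csrutil_text)],
        "tcc": tcc_grants(tcc_rows, client),
    }


# --- constructed sample inputs (not captured from a real machine) ---
SAMPLE_CODESIGN = """Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O thin (arm64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345
"""
SAMPLE_ENTITLEMENTS = """<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
<key>com.apple.security.app-sandbox</key><true/>
<key>com.apple.security.network.client</key><true/>
</dict></plist>
"""
SAMPLE_CSRUTIL = "System Integrity Protection status: enabled.\n"
SAMPLE_TCC = [("kTCCServiceCamera", "com.example.app", 0, 2),
              ("kTCCServiceMicrophone", "com.example.app", 0, 0),
              ("kTCCServiceCamera", "com.other.app", 0, 2)]


def sample_audit():
    return audit(SAMPLE_CODESIGN, SAMPLE_ENTITLEMENTS, SAMPLE_CSRUTIL, SAMPLE_TCC, "com.example.app")


def live_audit(path, client):
    """Run the real tools on a Mac; codesign writes its report to stderr."""
    cs = subprocess.run(["codesign", "-dvv", path], capture_output=True, text=True).stderr
    ent = subprocess.run(["codesign", "-d", "--entitlements", ":-", path], capture_output=True, text=True).stdout
    sip = subprocess.run(["csrutil", "status"], capture_output=True, text=True).stdout
    return audit(cs, ent, sip, [], client)  # reading TCC.db needs Full Disk Access; supply rows yourself


if __name__ == "__main__":
    import sys
    print(live_audit(sys.argv[1], sys.argv[2]) if len(sys.argv) == 3 else sample_audit())
```

Run with no arguments to see the sample verdicts; on a Mac, pass a binary path and its bundle id to audit the real thing. The TCC rows are left for you to supply because the user TCC.db lives under ~/Library/Application Support/com.apple.TCC and cannot be read without Full Disk Access, which is itself a TCC grant.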