
Subsystem · Signing, sandbox, SIP, SEP

Security

Code signing, sandbox profiles, System Integrity Protection, TCC, the Sealed System Volume, and the Secure Enclave — the layered policies that keep an Apple device trustworthy.

Security: structure at a glance.

macOS security stack: six layered enforcement systems (code signing, AMFI, entitlements, sandbox, SIP, TCC) that together decide what a process can do on a Mac. The Secure Enclave sits to the side as the root of trust for keys.

Launching a binary: exec(2) hands the new image to the gates below, in order. Any one of them can deny.

1. Code signing: are the page hashes intact, and does the signature verify?
2. AMFI (AppleMobileFileIntegrity): is this code allowed to load at all?
3. Entitlements: what has the signature granted the process?
4. Sandbox: does the profile applied to the process permit the operation?
5. SIP: is the target outside the system paths and operations that even root may not touch?
6. TCC: has the user consented to this access?

All pass: the process runs.

Trust anchor: the Secure Enclave (SEP). A separate ARM core running its own OS (SEPOS). It holds the device UID (fused at manufacture), the Touch ID / Face ID biometric secrets, the FileVault key (wrapped by the user password), and the attestation keys behind Apple Pay, App Attest and DeviceCheck. The diagram draws an arrow from the SEP to the code-signing layer labelled "signature trust roots in the SEP"; read that loosely. The CA roots that code signatures chain to are built into AMFI and the kernel, not stored in the SEP. What the SEP contributes to boot trust on Apple silicon is the device-bound key that signs the local boot policy.

Reading the diagram:

Each layer can refuse independently. A binary that survives all of them runs.
A hole in any one layer is usually plugged by the next: defence in depth.
TCC is the only layer the user sees; the others are invisible until something is refused.

Where the policy lives: AppleMobileFileIntegrity.kext, Sandbox.kext, /System/Library/Sandbox/Profiles, TCC.db, csrutil.
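Two of the gates above leave artifacts a practitioner can audit without tracing a live process: the Entitlements gate ("what's granted?") is recorded in the signed entitlements plist that `codesign -d --entitlements` prints, and the TCC gate ("user consent") is recorded in the `access` table of TCC.db. The block below is an added example, not code from the original page or from Apple: it flags hardened-runtime entitlements that weaken the code-signing layer, then queries a TCC.db-style table for what a client has been granted and which grants are high-impact machine-wide. The entitlements XML, the hypothetical bundle identifiers (com.example.editor, com.example.meetings, /usr/local/bin/backup-agent) and the TCC rows are constructed for the example; the `access` schema is a subset of the real table's columns, and the one-line consequence strings are this example's wording, not Apple's.

```python
# Added example, not the page's own code: audit two of the gates in the diagram
# for a single program, Entitlements ("what's granted?") and TCC ("user consent").
# The entitlement plist and the TCC rows below are constructed for this example.
import plistlib
import sqlite3

# Hardened-runtime exceptions that relax code signing or library validation.
# Key names are Apple's; the one-line consequences are this example's wording.
RISKY_ENTITLEMENTS = {
    "com.apple.security.cs.disable-library-validation":
        "dylibs not signed by the same team (or by Apple) may be loaded",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "DYLD_INSERT_LIBRARIES and other dyld variables are honoured",
    "com.apple.security.cs.allow-unsigned-executable-memory":
        "unsigned executable memory is allowed",
    "com.apple.security.get-task-allow":
        "other processes of the same user may take the task port (debug builds only)",
    "com.apple.security.cs.debugger":
        "may attach to other processes",
}

def audit_entitlements(entitlements_xml: bytes) -> dict:
    """Risky entitlements set to true in a plist as printed by
    `codesign -d --entitlements` (exact flag spelling varies by macOS version)."""
    ents = plistlib.loads(entitlements_xml)
    return {k: why for k, why in RISKY_ENTITLEMENTS.items() if ents.get(k) is True}

# Constructed entitlements for a hypothetical app, com.example.editor.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.application-identifier</key><string>TEAMID.com.example.editor</string>
  <key>com.apple.security.cs.allow-jit</key><true/>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.get-task-allow</key><false/>
</dict></plist>"""

# TCC.db `access` table semantics (macOS 11+): auth_value 0 denied, 1 unknown,
# 2 allowed, 3 limited; client_type 0 bundle identifier, 1 absolute path.
AUTH_VALUE = {0: "denied", 1: "unknown", 2: "allowed", 3: "limited"}
CLIENT_TYPE = {0: "bundle-id", 1: "path"}
# Grants that hand a client broad reach over other apps' data or input.
HIGH_IMPACT_SERVICES = {
    "kTCCServiceSystemPolicyAllFiles",  # Full Disk Access
    "kTCCServiceAccessibility",         # drive other apps' UI, synthesize input
    "kTCCServiceScreenCapture",
    "kTCCServiceAppleEvents",           # automate another app (named in indirect_object_identifier)
    "kTCCServiceDeveloperTool",
}

def make_sample_tcc_db() -> sqlite3.Connection:
    """In-memory stand-in for TCC.db with a subset of the real `access` columns.
    The real files are ~/Library/Application Support/com.apple.TCC/TCC.db (per user)
    and /Library/Application Support/com.apple.TCC/TCC.db (system); reading them
    needs Full Disk Access for the reading process, itself a TCC grant."""
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE access (
        service TEXT NOT NULL, client TEXT NOT NULL, client_type INTEGER NOT NULL,
        auth_value INTEGER NOT NULL, indirect_object_identifier TEXT NOT NULL,
        last_modified INTEGER NOT NULL)""")
    db.executemany("INSERT INTO access VALUES (?,?,?,?,?,?)", [  # constructed rows
        ("kTCCServiceSystemPolicyAllFiles", "com.apple.Terminal", 0, 2, "UNUSED", 1700000000),
        ("kTCCServiceScreenCapture", "com.example.meetings", 0, 2, "UNUSED", 1700000100),
        ("kTCCServiceCamera", "com.example.meetings", 0, 0, "UNUSED", 1700000200),
        ("kTCCServicePhotos", "com.example.meetings", 0, 3, "UNUSED", 1700000250),
        ("kTCCServiceAppleEvents", "/usr/local/bin/backup-agent", 1, 2, "com.apple.finder", 1700000300),
        ("kTCCServiceAccessibility", "/usr/local/bin/backup-agent", 1, 2, "UNUSED", 1700000400),
    ])
    return db

def grants_for(db: sqlite3.Connection, client: str) -> list:
    """Every non-denied TCC decision recorded for one client, oldest first."""
    cur = db.execute(
        "SELECT service, client_type, auth_value, indirect_object_identifier, last_modified "
        "FROM access WHERE client = ? AND auth_value != 0 ORDER BY last_modified", (client,))
    return [{
        "service": service,
        "client_type": CLIENT_TYPE.get(ctype, str(ctype)),
        "auth": AUTH_VALUE.get(auth, str(auth)),
        "target": None if target == "UNUSED" else target,
        "high_impact": service in HIGH_IMPACT_SERVICES,
        "last_modified": ts,
    } for service, ctype, auth, target, ts in cur]

def high_impact_grants(db: sqlite3.Connection) -> list:
    """(client, service) pairs holding an *allowed* high-impact grant, machine-wide.
    Path-type clients deserve a second look: the grant is keyed by a path, so the
    stored code requirement (csreq) is all that ties it to a particular binary,
    and an unsigned binary has none."""
    marks = ",".join("?" * len(HIGH_IMPACT_SERVICES))
    cur = db.execute(
        f"SELECT client, service FROM access WHERE auth_value = 2 "
        f"AND service IN ({marks}) ORDER BY client, service", tuple(sorted(HIGH_IMPACT_SERVICES)))
    return list(cur)

if __name__ == "__main__":
    for k, why in audit_entitlements(SAMPLE_ENTITLEMENTS).items():
        print(f"entitlement {k}: {why}")
    db = make_sample_tcc_db()
    for g in grants_for(db, "com.example.meetings"):
        print("tcc", g)
    for client, service in high_impact_grants(db):
        print(f"high-impact: {client} -> {service}")
```

Against a real machine, point `sqlite3.connect` at the user and system TCC.db paths instead of `make_sample_tcc_db()`; the query shape is the same. Denied rows are filtered out of `grants_for` on purpose, since a recorded denial is the TCC gate working, and the "limited" state (auth_value 3) is kept because it is still an allow for a subset of the data.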

Articles

No articles yet for Security.

The source link above is the best place to start in the meantime.