Following the migration of Catalina-based system to new blade SSD (more details in my previous thread this sub-forum) the check conducted using SilentKnight reports SIP to be disabled:
Except for status of FileVault2 on system drive the sip issue is the only one found - marks at all other test points are green ticks.
The migration procedure conducted didn't include however the step of SIP disablement, hence it must been some of Apple processes which conducted this change. Regarding SIP the report points out two disabled points: Apple Internal and Filesystem Protections.
To be honest the SIP status wasn't checked before system SSD upgrade. History of this Mac is however known very well and one can tell that user/administrator had never the intention to disable SIP.
How bad are the two disabled functions reported?
How may fixing look like?
Is it a known behavior?
RESOLVED by 'csrutil enable' in recovery mode. No idea how and when the custom config of SIP has been enforced. One is sure, SilentKnight test conducted before Catalina migration didn't detect SIP to be disabled. Rather it was being reported as enabled that time.
Code:
Mac model iMac14,2
...
❌ System Integrity Protection status: unknown (Custom Configuration).
Configuration:
Apple Internal: disabled
Kext Signing: enabled
Filesystem Protections: disabled
Debugging Restrictions: enabled
DTrace Restrictions: enabled
NVRAM Protections: enabled
BaseSystem Verification: enabled
This is an unsupported configuration, likely to break in the future and leave your machine in an unknown state.
✅ XProtect assessments enabled
...
XProtect Remediator scans not checked.
macOS Version 10.15.7 (Build 19H2026)
Latest updates installed:
XProtectPlistConfigData 2024-09-04 09:35:07 +0000 : 5272
XProtectPayloads 2024-09-04 09:35:07 +0000 : 145
MRTConfigData 2024-09-04 09:40:53 +0000 : 1.93
✅ Software Update Tool
Finding available software
No new software available.Except for status of FileVault2 on system drive the sip issue is the only one found - marks at all other test points are green ticks.
The migration procedure conducted didn't include however the step of SIP disablement, hence it must been some of Apple processes which conducted this change. Regarding SIP the report points out two disabled points: Apple Internal and Filesystem Protections.
To be honest the SIP status wasn't checked before system SSD upgrade. History of this Mac is however known very well and one can tell that user/administrator had never the intention to disable SIP.
How bad are the two disabled functions reported?
How may fixing look like?
Is it a known behavior?
RESOLVED by 'csrutil enable' in recovery mode. No idea how and when the custom config of SIP has been enforced. One is sure, SilentKnight test conducted before Catalina migration didn't detect SIP to be disabled. Rather it was being reported as enabled that time.
Last edited: