Can this ever work without disabling SIP?

Question

Can this ever work without disabling SIP?

Closed this issue 7 months ago · 2 comments

Question in title. Security team aren't keen on disabling SIP on-premise, and also it can't be disabled on EC2 mac instances for example.

Answer 1 · 2024-03-11T03:59:04.000Z

Please, see #49. It might be possible to only requure disabling part of SIP. But until SIP prevents chroot call, disabling of that part is unavoidable.

Answer 2 · 2024-03-11T04:12:03.000Z

Sorry, I totally missed #49!