Underneath the distinctive new look of macOS Big Sur are changes in security architecture which build on those in Catalina: existing division of the startup volume into two is enhanced by even greater protection for the system; notarization is enforced more rigorously without blocking the use of unsigned code; and macOS moves away from extensions running in kernel space towards user space extensions, including special Endpoint Security Extensions.

The biggest single change in macOS 11 is its new Sealed System Volume (SSV), which replaces the separate System volume introduced in macOS 10.15. This deepens system protection from the existing read-only volume covered by System Integrity Protection (SIP).

During macOS installation, once its System volume has been installed, cryptographic hashes are computed for every component on that volume and assembled into a tree (like a Merkle tree), culminating in a single, master hash termed the Seal. Those hashes are saved as metadata and a file system snapshot is made of the volume. Instead of macOS mounting the System volume read-only as it does in Catalina, only that sealed snapshot is mounted, giving immutable system files further robust layers of protection from tampering and error.
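The hash tree and Seal described above, as an added Python illustration (not Apple's SSV implementation and not code from the original post). SHA-256, the node encoding, the function names and the sample volume are all assumptions constructed for the example.

```python
import hashlib

# Constructed sample "volume": nested dicts are directories, bytes are file contents.
VOLUME = {
    "System": {"Library": {"Kernels": {"kernel": b"constructed kernel bytes"}}},
    "usr": {"bin": {"true": b"constructed binary A", "false": b"constructed binary B"}},
}

def node_hash(tag: bytes, data: bytes) -> bytes:
    # Tag file and directory nodes differently so one can never pass for the other.
    return hashlib.sha256(tag + data).digest()

def seal_tree(node, path="/", meta=None):
    """Hash a volume bottom-up. Returns (digest, meta); meta maps path -> hex digest."""
    meta = {} if meta is None else meta
    if isinstance(node, bytes):                      # leaf: hash the file content
        digest = node_hash(b"F", node)
    else:                                            # directory: hash names + child digests
        parts = []
        for name in sorted(node):                    # fixed order keeps the result stable
            child, _ = seal_tree(node[name], path.rstrip("/") + "/" + name, meta)
            raw = name.encode()
            parts.append(len(raw).to_bytes(2, "big") + raw + child)
        digest = node_hash(b"D", b"".join(parts))
    meta[path] = digest.hex()
    return digest, meta

def changed_paths(volume, stored_meta):
    """Paths whose current digest differs from the metadata saved at sealing time."""
    _, current = seal_tree(volume)
    return sorted(p for p in current.keys() | stored_meta.keys()
                  if current.get(p) != stored_meta.get(p))

if __name__ == "__main__":
    seal, meta = seal_tree(VOLUME)                   # done once, at "install" time
    print("Seal:", seal.hex())
    VOLUME["usr"]["bin"]["true"] = b"modified"       # simulate on-disk modification
    print("New root:", seal_tree(VOLUME)[0].hex())   # no longer matches the Seal
    print("Mismatches:", changed_paths(VOLUME, meta))
```

A single changed file alters every digest on its path to the root, which is why checking the one Seal value covers the whole volume.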