Question

Currently, I am able to mount and edit the EFI partition without any special privileges. Is that correct?

I understand that the bootflags for SIP protected regions are stored in nvram which is inaccessible through bless, but it seems strange that I can manipulate the binary, and the changes will persist through a restart.

Is something wrong here? If not, why is it the case?


Solution

EFI partitions are formatted with a FAT32 file system. FAT32 doesn't provide POSIX file permissions. Whoever accesses an EFI partition in OS X/macOS has full ownership of all files and folders (777).

This even applies if you change your user with Fast User Switching.


Mounting of the EFI partition requires admin privileges though.
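The following is an added example, not part of the original answer: it parses `mount` output and lists volumes where file permissions are not enforced, either because the file system stores none (as with the FAT32 EFI partition) or because ownership is ignored. The sample output is constructed, and the macOS line format, the `msdos` file system name and the `noowners` option are assumptions about the host being checked.

```python
import re

# Filesystems with no on-disk POSIX owner/mode; the mode bits shown by ls are
# synthesized at mount time (assumption: macOS reports FAT32 as "msdos").
NO_POSIX_FS = {"msdos", "exfat"}

# Assumed macOS `mount` line: "<device> on <mount point> (<fstype>, <opt>, ...)"
MOUNT_RE = re.compile(r"^(?P<dev>.+?) on (?P<path>.+) \((?P<opts>[^()]*)\)$")

# Constructed sample output, not captured from a real machine.
SAMPLE_MOUNT_OUTPUT = """\
/dev/disk1s1 on / (apfs, local, journaled)
devfs on /dev (devfs, local, nobrowse)
map auto_home on /home (autofs, automounted, nobrowse)
/dev/disk0s1 on /Volumes/EFI (msdos, asynchronous, local, noowners)
/dev/disk2s1 on /Volumes/My Backup (hfs, local, nodev, nosuid, journaled, noowners)
"""

def parse_mount_line(line):
    """Return dev, path, fstype and option set for one line, or None."""
    m = MOUNT_RE.match(line.strip())
    if not m:
        return None
    fields = [f.strip() for f in m.group("opts").split(",")]
    return {"dev": m.group("dev"), "path": m.group("path"),
            "fstype": fields[0], "options": set(fields[1:])}

def unenforced_permission_mounts(mount_output):
    """List (mount point, reasons) for volumes that do not enforce permissions."""
    findings = []
    for line in mount_output.splitlines():
        entry = parse_mount_line(line)
        if entry is None:
            continue
        reasons = []
        if entry["fstype"] in NO_POSIX_FS:
            reasons.append(entry["fstype"] + " stores no POSIX permissions")
        if "noowners" in entry["options"]:
            reasons.append("ownership ignored (noowners)")
        if reasons:
            findings.append((entry["path"], reasons))
    return findings

if __name__ == "__main__":
    for path, reasons in unenforced_permission_mounts(SAMPLE_MOUNT_OUTPUT):
        print(path + ": " + "; ".join(reasons))
```

To check a live system, pass the text printed by `mount` to `unenforced_permission_mounts` in place of the sample.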

Licensed under: CC-BY-SA with attribution
Not affiliated with apple.stackexchange