As of macOS 12 (Monterey), Apple's Virtualization framework has nice support for macOS guest virtual machines, but with severe limitations: For example you can't install a macOS guest on Intel Macs, install guests with newer versions of macOS than the host, copy and paste between the host and the guest, or install third party kernel extensions in the guest. As usual for Apple, the functionality they do support is nicely implemented, but they've left out so much that the result is only marginally useful -- at least compared to
frefire
steven-michaud
/ ThirdPartyKexts.md
Last active
March 17, 2026 18:15
Running Third Party Kernel Extensions on Virtualization Framework macOS Guest VMs
zhuowei
/ reachable_services.txt
Created
February 21, 2023 06:26
Reachable Mach services from the app sandbox on iOS 16.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PurpleSystemAppPort | |
| PurpleSystemEventPort | |
| UIASTNotificationCenter | |
| com.apple.ABDatabaseDoctor | |
| com.apple.AppSSO.service-xpc | |
| com.apple.AuthenticationServicesCore.AuthenticationServicesAgent | |
| com.apple.CARenderServer | |
| com.apple.ClipServices.clipserviced | |
| com.apple.CoreAuthentication.daemon | |
| com.apple.DeviceAccess.xpc |
If you want to change things on the root drive of a Mac you will need to take some steps to disable the built in security of the system. Most of these steps are the same regardless if you are on Intel or Apple Silicon. If there is a difference it is noted.
Note that all of these things put a Mac into an unsupported and less secure state.
Make sure you either perform these steps in a VM or that you reset the protections after you are done poking around
(This list is not exahustive on the details of each. Check the links at the end for more info.)
LeoNatan
/ Take Control of macOS
Last active
February 23, 2026 04:35
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| csrutil disable | |
| sudo nvram boot-args="intcoproc_unrestricted=1 kext-dev-mode=1 amfi_allow_any_signature=1 amfi_unrestrict_task_for_pid=1 PE_i_can_has_debugger=1 cs_enforcement_disable=1 amfi_get_out_of_my_way=1 amfi=0xff cs_debug=1 ipc_control_port_options=0" | |
| sudo spctl --global-disable | |
| sudo defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool NO | |
| sudo defaults write /Library/Preferences/com.apple.security.coderequirements Entitlements -string always | |
| sudo defaults write /Library/Preferences/com.apple.security.coderequirements AllowUnsafeDynamicLinking -bool YES | |
| sudo defaults write /Library/Preferences/com.apple.security.libraryvalidation.plist DisableLibraryValidation -bool YES | |
| defaults write com.apple.loginwindow DisableScreenLockImmediate -bool yes |