SIP (System Integrity Protection) in High Sierra has changed (extended).
I’m not going into much detail here, but you can take a look at the updated csrstat command line tool that I wrote earlier.
FYI: I implemented functional SIP support in bootloaders like RevoBoot, Chameleon/Enoch and the macosxbootloader. This a full month before anyone else wrote about it. After that I also shared my findings with Clover devs and Clover end-users so that they could set the correct values in their Clover.plist
I kept following the changes that Apple made, and figured out the meaning of CSR_ALLOW_DEVICE_CONFIGURATION and other important bits.
In fact. If I don’t blog about SIP changes, then they stay unnoticed. It seems. Seriously. Go Google for it 😉
p.s. I was made aware of a link in Chameleon/Enoch that shouldn’t be there, but that is not fair. Remember this guys. It was Pike who helped you with this, and nobody else!