System Integrity Protection

System Integrity Protection (often shortened to SIP, internally known as CSR and originally rootless) is a set of related macOS security features that protect certain sensitive system functionality so that only appropriately entitled processes can use them. It was introduced in OS X El Capitan.

The protections apply even for the root user, thereby protecting the operating system from trivial attacks that can be carried out by tricking the user into typing their password.

csrutil
The level of System Integrity Protection is configurable by the user in recoveryOS through the  tool in Terminal. As of macOS Ventura, its help output is the following:

csurtil has undocumented flags that allow SIP to be partially enabled. The  flags can be combined.

There is some risk to the rest of SIP being disabled when using any of these flags, as each of these allow SIP to be fully bypassed in some way.

Configuration
On Intel Macs, SIP configuration is stored in an NVRAM variable named  and used by all installations of macOS, while on Apple Silicon Macs, it is stored in the device tree under   for the specific installation that recoveryOS is tied to. It is a bitmask of the following fields: