I'd like my shell script to verify if the /System/Library/Extensions folder (and subfolders) contains any kexts that don't pass signature validation. How do I do that?
There are a couple utilities that seem to include that kind of functionality, e.g.
kextcache -system-prelinked-kernel
but they either apply modifications to the system or do other unwanted lenghty checks. Only the signature validation is necessary here.
Many thanks in advance for your help!
Best Answer
Here's the script which will output not singed kexts inside this directory: