I'm thinking of setting up Boot Camp on my early 2011 MBP for gaming purposes because, obviously, VMs just don't cut it when they have to share their hardware with OS X. However, several forums I've read say that a Boot Camp partition could make the computer susceptible to malware that can somehow access the OS X partition. Short of using two separate drives, is there anything I can to totally isolate the partitions from each other, or otherwise keep the OS X partition totally safe?
MacOS – Make a Boot Camp partition totally impenetrable
bootcampmacospartitionwindows
Related Solutions
I also faced similar issue and was able to solve with post on apple discussions.
However follow these instruction carefully and make sure to have all backups in place.
Based on comment below, adding answer in post
sudo gdisk /dev/disk0
If you get any error messages at this point, report the error messages, don't proceed further.
You're now in gdisk interactive mode. Menus/commands are single characters followed by return/enter. So type ? and and you'll get the main menu listing commands. Type p and it will print (display) the current GPT. Since you have 5 GPT entries, you can't use a 1 for 1 GPT to MBR scheme like Apple does. The following suggestion is safe, but all hybrid MBRs are non-standard inventions, and therefore I can't tell you how Boot Camp Assistant or Disk Utility will react to this hybrid MBR should you decide to make changes later. What I can tell you is Windows, Linux, and Mac OS X themselves have no problem with this MBR scheme.
r go to the recovery & transformation menu
h create a new hybrid MBR
5 add partion 5 to the MBR
accept the default MBR hex code of 07
y set the bootable flag
n do not protect more partitions
o print (display) the MBR
You should have two entries. One type EE, one 07, with the 07 entry marked with * under Boot. If you don't, report back. If you do, write out the update partition information, and hope a power failure doesn't occur for the next few seconds...
w write partition table to disk
reboot. hold down option - you should be able to boot into either Mac HD, Recovery HD, or Windows.
I just tested this same five partition GPT and 2 partition MBR on a working system and the instructions above worked.
Note, so long as CSM-BIOS and thus MBR are required for Boot Camp instead of EFI booting Windows, we're stuck with flaky MBR problems, as well as the 2TB disk limitation for Windows boot disks.
Also, I filed bug ID 11980880 at bugreport.apple.com and referenced this thread.
Your disk1 and disk3 are the virtual disks created by CoreStorage, that is, the system underlying FileVault 2 (full disk encryption). This is why your data partitions on the "real" disks (disk0 and disk2) have type Apple_CoreStorage.
The recovery partition on your external drive is this one:
3: Apple_Boot Recovery HD 650.0 MB disk2s3
Deleting it may however not be a good idea. Because CoreStorage drives are encrypted, the bootloader can't read any data from them - the OSX kernel (with the CoreStorage driver) needs to be loaded to ask for the user password, which opens up the main drive containing the rest of the operating system and data. So with CoreStorage enabled, the Recovery HD partition doubles as an unencrypted boot helper.
I don't have much experience with CoreStorage, and you haven't made it completely clear what your backup disk contains. I know that unencrypted Time Machine disks are bootable. I would imagine that encrypted ones are, too, with the caveat of requiring a boot helper, but I don't know for sure. Furthermore, since you only mention "backups", maybe you're using a different backup system which may or may not be bootable.
If your backups are not intended to be bootable, I think you should be able to delete the Recovery HD, although there is a certain risk that CoreStorage relies on it nevertheless. If they are bootable, deleting it outright will make them fail to boot. You could try writing the partition parameters displayed by gpt show disk2, deleting the partition using gpt without overwriting it, rebooting, and checking that it still works, and recreating it with the exact parameters (again using gpt, not diskutil) if you have trouble accessing your backups.
However, boot helpers don't actually need to contain a full recovery system. Prior to OSX Lion, boot helpers (e.g. used for software RAID) were always 128MiB in size, and this is still enough for Lion and Mountain Lion. Still, recreating a deleted boot helper isn't exactly straightforward.
Then there's the question of what you'll do with the extra ~520MB you gained. I don't think you can resize core storage partitions, so all you'll be able to do is create a ~400MB additional partition, which isn't terribly useful.
Overall, I'd say it's not worth the risk/trouble to gain ~500MB.
Related Question
- Windows – Resize Boot Camp partition
- Installing a Windows partition on Mac HD – dual boot in short
- Boot camp no osx partition
- Bootcamp – How to Restore Missing Partition and Install Windows 7 64-bit on macOS
- Boot Camp – Unable to Remove Windows Partition
- Windows – Unable to remove Windows partition on Boot Camp partition
Best Answer
If your Mac OS partition is encrypted with FileVault 2, it will be unreadable when you are booted to Windows. At that point, the only thing malware could do to this partition would be to wipe or delete it.