VBoxNetAdpCtl crash with SIP partially disabled

[granada29]

Background

I installed macOS Sonoma on external drive attached to my iMac 18,3 using OCLP. I observed the above crash when starting VirtualBox Manager and thought it was an artefact of OCLP.

I then rebooted in macOS Ventura, with the OCLP drive disconnected and experienced the same crash. The SIP relaxation required for OCLP was still in effect.

csrutil status  
System Integrity Protection status: unknown (Custom Configuration).

Configuration:
	Apple Internal: disabled
	Kext Signing: disabled
	Filesystem Protections: disabled
	Debugging Restrictions: enabled
	DTrace Restrictions: enabled
	NVRAM Protections: enabled
	BaseSystem Verification: enabled

The crash dump from VBoxNetAdpCtl shows problems with the @rpath:

Termination Reason:    Namespace DYLD, Code 1 Library missing
Library not loaded: @rpath/VBoxRT.dylib
Referenced from: <1198B23A-3909-396C-894E-2ADBABFABF95> /Applications/VirtualBox.app/Contents/MacOS/VBoxNetAdpCtl
Reason: tried: '/usr/lib/VBoxRT.dylib' (no such file, not in dyld cache), (security policy does not allow @ path expansion)
(terminated at launch; ignore backtrace)

Workaround

I was able to use the following commands to amend the @rpath in the VBoxNetAdpCtl binary and the program no longer crashes.

cd /Applications/VirtualBox.app/Contents/MacOS
sudo install_name_tool -add_rpath @executable_path VBoxNetAdpCtl 
Password:
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/install_name_tool: warning: changes being made to the file will invalidate the code signature in: VBoxNetAdpCtl

Outcome

VirtualBox, and my VMs, run without error on both macOS Ventura and macOS Sonoma without re-enabling SIP.

Solution (maybe)

During the build of VirtualBox, use @executable_path in the @rpath specification.

[granada29]

VBoxNetAdpCtl crashdump