> On 13 Mar 2016, at 14:07, Larry Stone <lston...@stonejongleux.com> wrote: > > The only “pain” likely to result is if you aren’t smart and let malware do > something bad. OS X (at least so far) does not care if SIP is on or off. SIP, > IMHO, is protection for those who don’t know what they are doing but is in > the way of us who know our way around a system.
Sadly, your opinion (and mine) don’t count. Apple’s decided System Integrity Protection matters and they get to choose. SIP’s likely to play even more significant role in future releases of MacOSX. [And maybe for iOS too.] I think Apple have already said that. So if you disable SIP or if workaround sysadmin practices rely on it being switched off, you may well be in for a nasty surprise or two further down the road. Says the guy who had /usr/src nuked when upgrading to MacOSX 10.11.
