Apple Seeds OS X El Capitan Recovery Update

throAU · Aug 23, 2015

aaronvan said:
I'm reaching that point in life where a new version of OS X doesn't excite me. I must be getting old.

No, you've just realised that operating systems are a commodity tool used to get a job done. That job may be browsing the internet, it may be photography retouching or it may be office work. The OS is a platform for applications. Feature set between platforms varies, but the platform itself is nothing to get excited about, it's the apps.

throAU · Aug 23, 2015

Ebenezum said:
Using Terminal is not a option for most Mac users and I doubt many would disable SIP without good reason. What harm is there if the option to disable it remains in Recovery?

Why not, are mac users unable to type? Or copy/paste text?

That said, the option to disable system integrity protection is placed in the recovery environment so that it is more difficult (ideally impossible) for malware to disable it from within the running OS.

Apple haven't put it there to be awkward, they've intentionally written El Capitan so that once the OS is booted, the system integrity protection can't be disabled from within the running OS - for protection reasons. *

Enabling you to tweak it with the terminal would mean that other processes could potentially turn it off as well. Which defeats the purpose of having it. If you need to turn it off, boot into recovery and turn it off. But unless you REALLY need to, you're better off leaving it ON to protect the operating system from tampering by malware - as an additional layer of security.

edit:

* this is the same way secure levels work in FreeBSD, and given OS X shares a bunch of code and ideas with FreeBSD, it would not surprise me if this code has been ported as well. Basically files can have flags set on them which makes them read-only once the system has been configured for a higher security level than 0, and the security level can only be increased once the OS has been loaded.

tedson · Aug 23, 2015

Has anyone be able to boot into the recovery partition if the have FileVault enabled?

arkmannj · Aug 23, 2015

n-evo said:
I have no idea why people always do this. We can all read the file size that applies to us from the App Store can't we?

I can't say I know why other people do it. but here's why I do:

1) To let people know ahead of time that might be on a metered connections, or otherwise may want to plan their download.

2)Pure curiosity. For me it makes no difference of the size (probably much like you) in terms of when/how/where I will download it, but I still like seeing how widely the sizes vary for different setups.

gmsingh · Aug 24, 2015

aaronvan said:
I'm reaching that point in life where a new version of OS X doesn't excite me. I must be getting old.

A new OS means only one thing: Apple is that much closer to making older hardware obsolete. I can see the day coming where an Apple Watch will be required to get a new OS.

CmdrLaForge · Aug 24, 2015

I do not see this update? Is this for the developers only?

Ebenezum · Aug 24, 2015

tywebb13 said:
Yes it is. All mac users have the terminal app. It is in the utilties folder as well as in the recovery partition under the utilities menu item.

Exactly how large % of current of Mac users are comfortable using Terminal? 10%? 20%?

As more and more options are hidden in Terminal I am left wondering if there is a time in future when I might just as well use Linux...

throAU said:
Why not, are mac users unable to type? Or copy/paste text?

That said, the option to disable system integrity protection is placed in the recovery environment so that it is more difficult (ideally impossible) for malware to disable it from within the running OS.

Apple haven't put it there to be awkward, they've intentionally written El Capitan so that once the OS is booted, the system integrity protection can't be disabled from within the running OS - for protection reasons. *

Enabling you to tweak it with the terminal would mean that other processes could potentially turn it off as well. Which defeats the purpose of having it. If you need to turn it off, boot into recovery and turn it off. But unless you REALLY need to, you're better off leaving it ON to protect the operating system from tampering by malware - as an additional layer of security.

edit:

* this is the same way secure levels work in FreeBSD, and given OS X shares a bunch of code and ideas with FreeBSD, it would not surprise me if this code has been ported as well. Basically files can have flags set on them which makes them read-only once the system has been configured for a higher security level than 0, and the security level can only be increased once the OS has been loaded.

I am not saying SIP isn't a good idea, its just that there should be a way to disable if necessary. If Apple removes that ability in final 10.11 version or later in future I will think long and hard before upgrading because I have no desire to use OS which resembles more iOS than full OS X.

throAU · Aug 26, 2015

Ebenezum said:
I am not saying SIP isn't a good idea, its just that there should be a way to disable if necessary. If Apple removes that ability in final 10.11 version or later in future I will think long and hard before upgrading because I have no desire to use OS which resembles more iOS than full OS X.

There IS a way to disable it, as I explained above, the reason you need to go into recovery mode is for security and to protect the integrity of the system when it is turned on.

Being able to turn it off from within the running OS means that a bug could far more easily enable malware to turn it off.

Ebenezum · Aug 27, 2015

throAU said:
There IS a way to disable it, as I explained above, the reason you need to go into recovery mode is for security and to protect the integrity of the system when it is turned on.

Being able to turn it off from within the running OS means that a bug could far more easily enable malware to turn it off.

Public Beta 5 removes that option, I am hoping it is a bug and not intentional change of policy...

w0lf · Aug 27, 2015

Ebenezum said:
Public Beta 5 removes that option, I am hoping it is a bug and not intentional change of policy...

It's not removed you're supposed to use csrutil in terminal while booted in the recovery partition to adjust System Integrity Protection.

dsuden · Aug 31, 2015

zorinlynx said:
I think as we get older we just want things to work and not have to fight and hack with them to get them to work.

Totally with you on that zorinlynx. I still enjoy the excitement of new releases, but when i get them, I mainly just want them to work. Few of the new features are things I wind up using. Above all, as I get older, I suffer from serious "menu fatigue." I'm sick to death of relearning where every single app has moved options, especially in IOS, where the smallness of the screen forces so many features to be buried two and three layers deep beneath cute, meaningless symbols.

JohnSmithUSA1776 · Nov 11, 2015

aaronvan said:
I'm reaching that point in life where a new version of OS X doesn't excite me. I must be getting old.

It's because every version that comes out, we have to hack and patch like crazy to try to get it to work again. I still haven't figured out how to get QuickLook to work again so I can select and copy text. I even tried to copy the QL plugin over from Yosemite. Also, the first thing I had to disable was SIP. What a cluster that is!

n-evo · Nov 13, 2015

JohnSmithUSA1776 said:
It's because every version that comes out, we have to hack and patch like crazy to try to get it to work again.

Ìn other words nothing has changed.

Search

Search

Apple Seeds OS X El Capitan Recovery Update

throAU

macrumors G4

throAU

macrumors G4

tedson

macrumors 6502

arkmannj

macrumors 68000

gmsingh

macrumors newbie

CmdrLaForge

macrumors 601

Ebenezum

macrumors 6502a

throAU

macrumors G4

Ebenezum

macrumors 6502a

w0lf

macrumors 65816

dsuden

macrumors newbie

JohnSmithUSA1776

macrumors newbie

n-evo

macrumors 68020

Our Staff