Disable System Integrity Protection - How Dangerous Is It?

Discussion in 'macOS Sierra (10.12)' started by JazzyGB1, Dec 29, 2016.

Tags:
  1. JazzyGB1 macrumors regular

    Joined:
    Jan 18, 2002
    Location:
    UK
    #1
    Hi,
    I've an M-audio Project Mix audio interface that has been discontinued for a few years now.
    I absolutely love it though and use it every day when I record music and there's really no affordable modern alternative to it. :(
    Unfortunately because the drivers for it are unsigned, it won't work in Elcapitan and Sierra and it only half works in Yosemite, so I'm currently running my Mac Pro with Mac OS10.95 (Mavericks), which is the latest OS where the M-audio drivers and software still function 100%.
    However the M-Audio drivers will work absolutely fine in Elcapitan or Sierra if I disable the SIP, so my question is this...
    Is an OS like El Capitan or Sierra with SIP disabled more vulnerable from a security point of view than an OS like Mavericks which doesn't have SIP in the first place?
    Providing I only visit regular websites on my Mac am I likely to be any more at risk of anything bad happening?
    It'd be great to be able to use the latest Mac OS again, but at the same time I don't want to run a completely vulnerable system, so would be grateful for more informed opinion on the matter.
    Thanks
     
  2. ardchoille50 macrumors 68020

    Joined:
    Feb 6, 2014
    #2
    From: https://support.apple.com/en-us/HT204899

    "System Integrity Protection is a security technology in OS X El Capitan and later that's designed to help prevent potentially malicious software from modifying protected files and folders on your Mac. System Integrity protection restricts the root user account and limits the actions that the root user can perform on protected parts of the Mac operating system.

    Before System Integrity Protection, the root user had no permission restrictions, so it could access any system folder or app on your Mac. Software obtained root-level access when you entered your administrator name and password to install the software. That allowed the software to modify or overwrite any system file or app.
    "
     
  3. Gav2k macrumors G3

    Gav2k

    Joined:
    Jul 24, 2009
    #3
    Disable and install your device then turn it back on.
     
  4. ardchoille50 macrumors 68020

    Joined:
    Feb 6, 2014
    #4
    Yeah, I've seen people do that for things that they trust and it makes sense.
     
  5. howiest macrumors regular

    howiest

    Joined:
    Aug 16, 2015
    Location:
    Left Coast
    #5
    There was no SIP before El Capitan came along, so you tell me... how dangerous was Yosemite, or Mavericks, or, or...?
     
  6. Fishrrman macrumors G4

    Fishrrman

    Joined:
    Feb 20, 2009
    #6
    One has to do, what one has to do.

    Consider:
    BEFORE Apple instituted SIP, ALL Macs ran "without it".

    Back then, the Mac world seemed "good enough" without SIP.
    Whether the world is "better" with it, can't say.

    I turn it off, as a matter of course.
    But that's my choice.

    I'd turn it off, and not worry about having done so.
     
  7. JazzyGB1 thread starter macrumors regular

    Joined:
    Jan 18, 2002
    Location:
    UK
    #7
    Thanks, but unfortunately as soon as SIP is enabled again the driver software stops working, so it's for it to work always off is the only option.
    --- Post Merged, Dec 30, 2016 ---
    So it's sounding like disabling SIP will make Sierra no more vulnerable than Mavericks anyway, which is fine by me. :)
    SIP disabled it is then - thanks for all your responses. :)
     
  8. ardchoille50 macrumors 68020

    Joined:
    Feb 6, 2014
    #8
    Yeah, I would just recommend continuing your due diligence as far as personal security is concerned.
     

Share This Page