System Integrity Protection

Developer(s)Apple Inc.
Initial releaseSeptember 16, 2015; 9 years ago (2015-09-16)
Operating systemmacOS
Included withOS X El Capitan (OS X 10.11) and later
TypeComputer security software
Websitedeveloper.apple.com/library/archive/documentation/Security/Conceptual/System_Integrity_Protection_Guide/Introduction/Introduction.html

System Integrity Protection (SIP,[1] sometimes referred to as rootless[2][3]) is a security feature of Apple's macOS operating system introduced in OS X El Capitan (2015) (OS X 10.11). It comprises a number of mechanisms that are enforced by the kernel. A centerpiece is the protection of system-owned files and directories against modifications by processes without a specific "entitlement", even when executed by the root user or a user with root privileges (sudo).

Apple says that the root user can be a significant risk to the system's security, especially on a system with a single user account on which that user is also the administrator. SIP is enabled by default but can be disabled.[4][5]

  1. ^ Cunningham, Andrew; Hutchinson, Lee (September 29, 2015). "OS X 10.11 El Capitan: The Ars Technica Review—System Integrity Protection". Ars Technica. Retrieved September 29, 2015.
  2. ^ Cunningham, Andrew (June 17, 2015). "First look: OS X El Capitan brings a little Snow Leopard to Yosemite". Ars Technica. Retrieved June 18, 2015.
  3. ^ Slivka, Eric (June 12, 2015). "OS X El Capitan Opens Door to TRIM Support on Third-Party SSDs for Improved Performance". MacRumors. Retrieved June 18, 2015.
  4. ^ Martel, Pierre-Olivier (June 2015). "Security and Your Apps" (PDF). Apple Developer. pp. 8–54. Archived (PDF) from the original on April 23, 2016. Retrieved September 30, 2016.
  5. ^ "Configuring System Integrity Protection". Mac Developer Library. Apple. September 16, 2015. Archived from the original on August 17, 2016. Retrieved September 30, 2016.