Thoughtful, detailed coverage of the Mac, iPhone, and iPad, plus the TidBITS Content Network for Apple consultants.

Details on OS X 10.11 El Capitan’s System Integrity Protection

Over at Macworld, Glenn Fleishman offers details on the new System Integrity Protection (SIP) feature in OS X 10.11 El Capitan. The good news is that SIP will make it tough for malware to take hold on your Mac. The bad news is that it will cripple many power-user utilities, such as SuperDuper, Default Folder, and TotalFinder; however, you will be able to disable SIP. Also, users will no longer be able to repair disk permissions manually in 10.11 — rather, the system will do it automatically whenever a system update is installed.favicon follow link


Comments about Details on OS X 10.11 El Capitan’s System Integrity Protection
(Comments are closed.)

StevieB  An apple icon for a TidBITS Supporter 2015-07-20 14:00
Please expand/clarify.
Norbert E Fuchs  An apple icon for a TidBITS Benefactor 2015-07-20 14:11
Glenn, will Little Snitch be affected?
Roger D. Parish  An apple icon for a TidBITS Contributor 2015-07-24 08:37
Yes, but they are on top of it. 3.6 will handle El Capitan.
Hank Roberts  2015-07-28 12:46
Hey, I'd really appreciate a discussion for people like me -- almost every Mac user I know personally -- who still use 10.9.5 Mavericks. It's a small sample; I wonder if there's really a huge speed bump here deterring people from going to newer OSX. I hear about Mail problems, something weird about how the power button works??? and lots of "why do I need to change" -- which is sure how I feel.

Maybe this is a Low End Mac question but I feel like Apple and Tidbits are both a little too out front of the cutting edge and would appreciate a pause to give some attention to those of us who use Macs to do work -- rather than to fiddle with.
Adam Engst  An apple icon for a TidBITS Staffer 2015-07-28 14:44
The problem is that there's a great deal of minor uncertainty, since the modern Internet does a great job of disseminating a lot of anecdotal reports of problems, and there's no way of knowing whether or not you'll have those issues or not. So you don't upgrade.

In reality, the problems are probably statistically quite insignificant, and the likelihood of you having those problems is quite small. But with relatively little incentive to upgrade, why take the risk? (And when it's security-related, as this article suggests, people tend to think they won't have problems.) I can't argue with that.

In the end, it always comes down to that tradeoff - will the benefit of the new features outweigh an unknown level of negatives. In an ideal world, there would be almost no negatives to upgrading, but we don't seem to be getting lucky in that regard.