Answer the question
In order to leave comments, you need to log in
Is it possible to install applications in Macos behind SIP?
Good afternoon, tell me, is it possible to install applications that could be removed only for SIP (System Integrity Protection), as an administrator is needed, for other things. It is necessary that the program can be deleted only from the recovery section.
Answer the question
In order to leave comments, you need to log in
You can set the extended attributes flag after installation.
System Integrity Protection protects system files and directories that are flagged for protection. This happens either by adding an extended file attribute to a file or directory, by adding the file or directory to /System/Library/Sandbox/rootless.conf or both. Among the protected directories are: /System, /bin, /sbin, /usr (but not /usr/local).[8] The symbolic links from /etc, /tmp and /var to /private/etc, /private/tmp and /private/var are also protected, although the target directories are not themselves protected. Most preinstalled Apple applications in /Applications are protected as well.[1] The kernel, XNU, all processes without specific entitlements stops from modifying the permissions and contents of flagged files and directories and also prevents code injection, runtime attachment and DTrace with respect to protected executables.[9]
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question