You get around it with things like SIP. Getting root on iOS is not, for instance, the absolute security game-over you are describing and it's a related OS.
Let's say you wanted an OS with better privilege control and other clever security doodads people have come up with in the years since merely having user accounts seemed like unconscionable oppression. If you don't care about backward compatibility much and start with Linux and a JVM, you might end up with something like Android. If you start with Linux and Chrome, you might end up with something like ChromeOS. If you start with OS X, you might end up with something like iOS. If you start from scratch, you might end up with something like Fuchsia.
But what if you do care about backward compatibility? You then have a far more difficult, thankless and long-term job. If you start with OS X, somewhere along the line you'll have something like OS X + SIP + Sandbox + FDE. Or Windows NT + UAC + irritating autoreboots in the middle of the night. We're in the 'somewhere along the line' stage.