Just turn off SIP. SIP is for regular users who don’t know what a ulimit is, the whole point of SIP is to lock down the OS as much as possible.
If you’re a developer, you live in the Terminal, you obviously need full control over your OS.
edit: I appreciate the irony of being downvoted for suggesting having control over your OS on Hacker News, so keep it coming please. Mo’ downvotes mo’ irony.
I'm a software developer at a company where ~50% of the staff is a developer and our IT fleet management enforces SIP. This simply isn't an option for us because of security requirements from our customers.
SIP is the default though. Turning it off is an option for some, for now. But Apple has clearly indicated they're moving towards a more restrictive ecosystem through there actions for a long time now.
I would suggest you likely aren't being downvote because you suggest having control, instead, you are being downvoted because you seem to believe that turning off SIP is like a normal thing that people should be doing regularly.
I think you are finding strong disagreement with that.
People probably don't believe they should have to do that to perform regular development work.
You aren’t being downvoted for telling people to have full control over the OS. You can do that with SIP enabled, or boot to recovery, disable, modify, enable, and have full control over your OS. How often are you needing to modify low level OS config that you’d rather make your entire machine vulnerable to root exploits than dance around SIP a couple times a year if that? That’s why you’re being downvoted, for advocating folks make their machine way less secure to save 3 minutes worth of reboot time a year, if that. Bump the hard limit once and you never need to touch it again.
3 minutes worth of reboot time a year for this, 2 minutes worth of reboot time for that, 1 for something else and 2 extra for no apparent reason. My previous company switched everyone to Mac and the second biggest reason I quit that job was that Mac was a horrible OS to work on. Constant reboots, crashes, no configuration for basic things like scrolling or window placement. Apple builds great hardware but the OS is only good to make presentations and edit video, not for software development.
A large number of extremely talented engineers might beg to differ. Everything you listed as an issue has a solution. Like any operating system, you have to spend the time to learn the intricacies of how it works and to customize it to your liking. For me, must haves are Alfred to replace spotlight, my dotfiles which change a ton of defaults in various apps like finder, the dock, etc, setup key repeat, iterm2 colors and profile, etc. divvy and magnet for window management. Caffeine to prevent sleep. Stats open source menu monitors to replace istatmenus
I’m sure there are newer equivalents to what I’ve listed. I’ve been using those programs for years.
I did find solutions for my problems on Mac, but the solutions were hard to find, poorly documented, subscription based or a combination.
Meanwhile on Linux it is generally fairly easy to find what you need in the documentation or in the forums. It can be a bit more involved when using some very niche tools but it's not worse than the average Mac app I had to deal with.
I am not a very talented engineer. I'm a normal engineer who enjoys his craft, tries to do quality work and tries to be efficient. My opinion is based on my experience using Mac and Linux alternatively for the last 5 years doing development professionally.
I have seen very talented devs using Mac, but also others that were just as talented and complained when they were forced to switch from Linux to Mac. Hell, the smartest most talented developer I have ever met (by a mile) developed drivers on Windows and he told me that for the type of development he did Windows was all right.
I have to doubt that there is any correlation between how talented a developer is and the quality of a OS because most developers I know use what the company allows them, and it's somewhat rare to be allowed to choose.
I will agree that recently, esp the last 2 major versions, the OS has gotten worse from a stability perspective. I have errors in my logs at a steady pace even on new machines and fresh, untouched OS install from the factory. They just never go away. The cloud services are always on and phoning home, even when you have everything that uses an Apple ID signed out. It’s becoming more intrusive and less configurable, but nothing beats the shortcuts or the mac keyboard layout, and the UI intuitiveness. I can’t go back to ctrl-s and everytime I’m on my Linux machine I struggle to do the ole carpal tunnel-s to save haha
Regarding your carpal tunnel comment. I started having carpal problems very young (in university). Then I looked into and went all in with an ergonomic keyboard, ergonomic mouse and ergonomic chair. It went away in a couple weeks and I haven't had a problem in 10 years, and I use the computer more than it could possibly be healthy. I've had younger coworkers complain and I always recommend getting a good setup because it pays off in health easily.
Turning off SIP allows for any user process to immediately gain root privileges. This is surprising to most people, so I generally would not recommend it without fully understanding the risks behind it.
~You can have a root user with SIP enabled. SIP protects core OS files from being modified while it’s enabled. This prevents processes, even root processes, from swapping out core libs with modified ones, installing root kits, back doors, etc.~
I misspoke
> System Integrity Protection (SIP) in macOS protects the entire system by preventing the execution of unauthorized code. The system automatically authorizes apps that the user downloads from the App Store. The system also authorizes apps that a developer notarizes and distributes directly to users. The system prevents the launching of all other apps by default.
Uh, this being a repeated problem in the past? Apple puts some sort of god mode behind an entitlement, only checks the entitlement rather than the actual permissions, disabling SIP allows for anyone to steal the entitlement and assume root. Apple does not consider this to be a legitimate security issue because they do not think systems with SIP disabled deserve security.
If you’re a developer, you live in the Terminal, you obviously need full control over your OS.
edit: I appreciate the irony of being downvoted for suggesting having control over your OS on Hacker News, so keep it coming please. Mo’ downvotes mo’ irony.