You need to escalate to root to run it anyway. If anyone can get root on my lapt... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		viraptor 18 days ago \| parent \| context \| favorite \| on: Strace-macOS: A clone of the strace command for ma... You need to escalate to root to run it anyway. If anyone can get root on my laptop, there's nothing that SIP can realistically protect me from. Actually, if anyone can get access to my user outside of sandbox, everything I care about is already exposed. (Also, you can disable it only for dtrace if you want)

saagarjha 17 days ago [–]

Turning off SIP allows for trivial escalation to root usually

viraptor 17 days ago | [–]

That's quite vague. Got any links with the details?

saagarjha 17 days ago | | [–]

Here's an example: https://gist.github.com/ChiChou/e3a50f00853b2fbfb1debad46e50...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact