Measures like SIP force application developers to create workarounds that compromise system security even more. Remember the recent Zoom vulnerability where they created a special service to autoupdate Zoom? If the system is too restrictive, developers will try to punch holes in it to accomplish what they need.
> Measures like SIP force application developers to create workarounds that compromise system security even more. Remember the recent Zoom vulnerability where they created a special service to autoupdate Zoom? If the system is too restrictive, developers will try to punch holes in it to accomplish what they need.
That wasn't related to SIP, so I don't think we can just throw random unrelated security issues against SIP to justify it being a bad thing.
Bedsides, is the moral of the Zoom story really that application Developers should be given unfettered access to the OS and the freedom to do whatever they want? It sounds like the opposite - an example of exactly why security has to be built into the OS and can't be left to companies like Zoom.
