There are people who will run their graphical session as root, and throw in a "chmod -R 777 /" for good measure; and there are people who will go through convoluted steps to disable runtime kernel module loading, mount / read-only, and run their web browser in a container. Now I'm definitely not on the latter extreme, but if I can have a decently-hardened system out of the box, why would I throw that away just to remove a builtin app?
Are we still talking about macOS? If so, sudo rm -f does not work on a file with the restricted flag set. Based on that, I don’t see how modifying it with a child would work either. SIP is powerful
