Disable System Integrity Protection - How Dangerous Is It?

[JazzyGB1]

Hi,
I've an M-audio Project Mix audio interface that has been discontinued for a few years now.
I absolutely love it though and use it every day when I record music and there's really no affordable modern alternative to it.
Unfortunately because the drivers for it are unsigned, it won't work in Elcapitan and Sierra and it only half works in Yosemite, so I'm currently running my Mac Pro with Mac OS10.95 (Mavericks), which is the latest OS where the M-audio drivers and software still function 100%.
However the M-Audio drivers will work absolutely fine in Elcapitan or Sierra if I disable the SIP, so my question is this...
Is an OS like El Capitan or Sierra with SIP disabled more vulnerable from a security point of view than an OS like Mavericks which doesn't have SIP in the first place?
Providing I only visit regular websites on my Mac am I likely to be any more at risk of anything bad happening?
It'd be great to be able to use the latest Mac OS again, but at the same time I don't want to run a completely vulnerable system, so would be grateful for more informed opinion on the matter.
Thanks

 

[ardchoille50]

From: https://support.apple.com/en-us/HT204899

"System Integrity Protection is a security technology in OS X El Capitan and later that's designed to help prevent potentially malicious software from modifying protected files and folders on your Mac. System Integrity protection restricts the root user account and limits the actions that the root user can perform on protected parts of the Mac operating system.

Before System Integrity Protection, the root user had no permission restrictions, so it could access any system folder or app on your Mac. Software obtained root-level access when you entered your administrator name and password to install the software. That allowed the software to modify or overwrite any system file or app."

 

[Gav2k]

Hi,
I've an M-audio Project Mix audio interface that has been discontinued for a few years now.
I absolutely love it though and use it every day when I record music and there's really no affordable modern alternative to it.
Unfortunately because the drivers for it are unsigned, it won't work in Elcapitan and Sierra and it only half works in Yosemite, so I'm currently running my Mac Pro with Mac OS10.95 (Mavericks), which is the latest OS where the M-audio drivers and software still function 100%.
However the M-Audio drivers will work absolutely fine in Elcapitan or Sierra if I disable the SIP, so my question is this...
Is an OS like El Capitan or Sierra with SIP disabled more vulnerable from a security point of view than an OS like Mavericks which doesn't have SIP in the first place?
Providing I only visit regular websites on my Mac am I likely to be any more at risk of anything bad happening?
It'd be great to be able to use the latest Mac OS again, but at the same time I don't want to run a completely vulnerable system, so would be grateful for more informed opinion on the matter.
Thanks

Disable and install your device then turn it back on.

 

[ardchoille50]

Disable and install your device then turn it back on.

Yeah, I've seen people do that for things that they trust and it makes sense.

 

[howiest]

There was no SIP before El Capitan came along, so you tell me... how dangerous was Yosemite, or Mavericks, or, or...?

 

[Fishrrman]

One has to do, what one has to do.

Consider:
BEFORE Apple instituted SIP, ALL Macs ran "without it".

Back then, the Mac world seemed "good enough" without SIP.
Whether the world is "better" with it, can't say.

I turn it off, as a matter of course.
But that's my choice.

I'd turn it off, and not worry about having done so.

 

[JazzyGB1]

Disable and install your device then turn it back on.

Thanks, but unfortunately as soon as SIP is enabled again the driver software stops working, so it's for it to work always off is the only option.
[doublepost=1483133402][/doublepost]So it's sounding like disabling SIP will make Sierra no more vulnerable than Mavericks anyway, which is fine by me.
SIP disabled it is then - thanks for all your responses.

 

[ardchoille50]

So it's sounding like disabling SIP will make Sierra no more vulnerable than Mavericks anyway, which is fine by me.
SIP disabled it is then - thanks for all your responses.

Yeah, I would just recommend continuing your due diligence as far as personal security is concerned.