If you disable SIP, all you iOS apps will stop working on your M1.

[MK500]

I disabled SIP on my M1 Mac by using csrutil disable. All my iOS apps no longer launch. So I re-enabled SIP and they are all working again.

So be aware that SIP seems to be required for iOS apps to function.

 

[Wowfunhappy]

Can more people with Apple Silicon Macs please confirm this? It's pretty huge!

The ability to turn off SIP is the difference between a real computer that you can own and control and a glorified appliance. If Apple has begun disabling features when SIP is off, that profoundly changes how I feel about the platform.

 

[matrix07]

Can more people with Apple Silicon Macs please confirm this? It's pretty huge!

The ability to turn off SIP is the difference between a real computer that you can own and control and a glorified appliance. If Apple has begun disabling features when SIP is off, that profoundly changes how I feel about the platform.

It‘s only affect iOS apps though

 

[walterpaisley]

I had SIP disabled and reenabled it but my iOS apps still aren't launching. They're not crashing at launch as much as nothing happens when you try to run then.

(Running the latest 11.1 developer build.)

 

[haralds]

The reason likely is the prevention of app theft.

 

[MK500]

I had SIP disabled and reenabled it but my iOS apps still aren't launching. They're not crashing at launch as much as nothing happens when you try to run then.

(Running the latest 11.1 developer build.)

This is exactly what it was like for me. No message or anything. But I am not running dev version. And when I re-enabled everything immediately worked.

 

[walterpaisley]

I'm seeing an authentication error in the console when I try to launch it. I wonder if this is a gatekeeper related issue.

 

[Luposian]

Why people feel the need to tinker, then complain because their device broke or stopped working. *sigh*

 

[Andropov]

Why people feel the need to tinker, then complain because their device broke or stopped working. *sigh*

Disabling SIP is a legitimate feature (that's why there's an option to turn if off) that some people actually need to use. That's not 'tinkering'.

 

[Luposian]

Disabling SIP is a legitimate feature (that's why there's an option to turn if off) that some people actually need to use. That's not 'tinkering'.

What does SIP stand for? What does it do? Why do certain people need to disable it? That might educate me as to why my comment on “tinkering” is incorrect.

 

[Zazoh]

What does SIP stand for? What does it do? Why do certain people need to disable it? That might educate me as to why my comment on “tinkering” is incorrect.

You have to boot in recovery mode ... tinkering. System integration protection, security feature.

 

[thingstoponder]

I read this on Twitter from around WWDC time.

iOS apps seems basically useless so I’m not gonna get worked up over it.

 

[EugW]

I read this on Twitter from around WWDC time.

iOS apps seems basically useless so I’m not gonna get worked up over it.

Useful for iOS/iPadOS developers at least.

 

[Andropov]

What does SIP stand for? What does it do? Why do certain people need to disable it? That might educate me as to why my comment on “tinkering” is incorrect.

System Integrity Protection. Basically, the system is now in a separate APFS volume with readonly privileges for all users, including root, so even if some malware gained root privileges it wouldn't be able to launch an attack that required modifying system files (i.e. a keylogger probably would need this kind of access to the system volume).

By disabling SIP, you remove that protection (so you fall back to the way things were before OS X 10.11). Malware still needs to escalate privileges to gain write access to sytem files, but there's no additional protection after that.

However not everything that modifies system files is malware. There are some genuine applications. Apple doesn't list a lot of them, but notes that developing DriverKit applications may require disabling SIP. Some other things that require low-level access to the hardware usually also require this (WiFi sniffers, for example). And cybersecurity engineers also may find it useful to turn it off sometimes.

Obviously, not a lot of people need to turn if off. It's a great security feature, it should absolutely be enabled unless you have a very good reason to disable it. But csrutil (the utility to disable SIP) it's still a well documented feature that Apple supports and having it disable other features in the OS when turned off should be avoided or (at least) documented.

 

[NT1440]

I disabled SIP on my M1 Mac by using csrutil disable. All my iOS apps no longer launch. So I re-enabled SIP and they are all working again.

So be aware that SIP seems to be required for iOS apps to function.

Inst this supposed to be done via a boot option?

Apple talked about it at SoTU I think.

 

[TheEnthusiast]

What does SIP stand for? What does it do? Why do certain people need to disable it? That might educate me as to why my comment on “tinkering” is incorrect.

Seems like there was some research you could have done before making comments/passing judgement, but that's typical of the Internet these days.

 

[Rramnel]

I would also like to disable SIP, but Command+R doesn't seem to work for me.

How did you disable SIP on M1 running Big Sur?

 

[MK500]

I would also like to disable SIP, but Command+R doesn't seem to work for me.

How did you disable SIP on M1 running Big Sur?

Shut down your Mac. Hold the power button until you see the gear icon. Click on the button below that to boot into the equivalent of recovery. Now launch terminal and do "csrutil disable". Now you can reboot.

You can check status while running macOS in terminal with "csrutil status".

 

[Luposian]

Seems like there was some research you could have done before making comments/passing judgement, but that's typical of the Internet these days.

Some people do things, just because they can (tinkering). Other people do things they genuinely need to (not tinkering, but attempting to accomplish a necessary goal). If this is something that SHOULD be permissible (by Apple), then it simply needs to be brought up to Apple's attention and hopefully addressed sooner rather than later.

I "make comments/pass judgement" based on the overall "feel" of things. I see several people complaining about things about these new M1 Macs. Too little RAM or mediocre graphics or... whatever. Usually it sounds like the person is just being a hater, because they think something SHOULD be a certain way. They don't realize that not everything has to go down the same road it's always gone down. Maybe some people actually "thought outside the box" and came up with a way to do things that really turns the conventional wisdom 180. It's possible.

You will see me commenting now, instead of in years past because Macs are Macs again. Not glorified PC's running MacOS X. I've been a Mac enthusiast since the 6100/60 -> G5. When Apple switched to Intel, I lost my love. It's never been JUST about the hardware, nor JUST the OS. It was both. THAT is what makes a Mac a Mac, to me. We're seeing a new era of true Macs again... and I couldn't be happier!

 

[Wowfunhappy]

Why people feel the need to tinker, then complain because their device broke or stopped working. *sigh*

If you turned off SIP and then broke something sure, that's on you. But the mere act of turning off SIP shouldn't break iOS apps, that's nuts!

 

[Acidsplat]

Disabling SIP is a feature provided by Apple with documentation for users to enable and disable if they choose to.
That's not tinkering. No one is using third party patching or jailbreaking their Mac to do so.

 

[Luposian]

Disabling SIP is a feature provided by Apple with documentation for users to enable and disable if they choose to.
That's not tinkering. No one is using third party patching or jailbreaking their Mac to do so.

Then it's simply a bug that Apple needs to be made aware of...

 

[dukebound85]

Why people feel the need to tinker, then complain because their device broke or stopped working. *sigh*

you don’t get it. It’s a function you can utilize....

 

[Luposian]

you don’t get it. It’s a function you can utilize....

I admit to not being intimately familiar with features that have, to my knowledge, never been available on a Mac before (as no Mac has been based on a similar chip as the iPads/iPhones until now). So, all I see is someone messing around in the Terminal and suddenly their iOS apps no longer work. I know enough to know that iOS apps are supposed to work on the M1 Macs, but messing around in the Terminal (if you know "just enough to be dangerous", which I'd probably be categorized under) is the fastest way to bork your computer... or iOS apps, in this case.

 

[seek3r]

Some people do things, just because they can (tinkering). Other people do things they genuinely need to (not tinkering, but attempting to accomplish a necessary goal). If this is something that SHOULD be permissible (by Apple), then it simply needs to be brought up to Apple's attention and hopefully addressed sooner rather than later.

I "make comments/pass judgement" based on the overall "feel" of things. I see several people complaining about things about these new M1 Macs. Too little RAM or mediocre graphics or... whatever. Usually it sounds like the person is just being a hater, because they think something SHOULD be a certain way. They don't realize that not everything has to go down the same road it's always gone down. Maybe some people actually "thought outside the box" and came up with a way to do things that really turns the conventional wisdom 180. It's possible.

You will see me commenting now, instead of in years past because Macs are Macs again. Not glorified PC's running MacOS X. I've been a Mac enthusiast since the 6100/60 -> G5. When Apple switched to Intel, I lost my love. It's never been JUST about the hardware, nor JUST the OS. It was both. THAT is what makes a Mac a Mac, to me. We're seeing a new era of true Macs again... and I couldn't be happier!

Tinkering is a completely legit purpose on a full fledged computer to begin with, it's how most of us in software started.... And as other folks have already noted on this thread turning off SIP is a documented feature, and the result of it disabling software installed on the machine is not a documented result, if that *is* a result of turning off SIP that's a huge problem, both in Apple's docs and in that a feature that is highly useful has some nasty side effects it never had before.

I also don't get the rest of your comment. I mean, you want people to think outside the box... but not tinker? Do you got the disparity between those two positions? And Macs are suddenly Macs again because they aren't using x86? PowerPC was IBM and Motorola, how was that more "true" Mac than Intel chips?