How to Disable System Integrity Protection in macOS

Jim Tanous September 15, 2018

Longtime Mac power users likely enjoyed the ability to tweak the operating system at its lowest levels. For years, hidden settings and customization apps let users take complete control of their Mac to customize how it looked and functioned.
But if the user can access these core system files, so too can malware. It’s this reality that prompted Apple to introduce a security feature called System Integrity Protection in macOS, starting with OS X El Capitan in 2015. And while System Integrity Protection is an important feature that most users will benefit from, it can cause issues with certain power user workflows and applications. So, if you’re willing to accept the risk of reduced security in exchange for greater flexibility, here’s how to disable System Integrity Protection in macOS.

How to Disable System Integrity Protection in macOS

What is System Integrity Protection?

Before we go further, let’s take a quick moment to go over exactly what System Integrity Protection does to make sure that disabling it is what you need. System Integrity Protection is all about restricting access to critical system files, thereby blocking certain attack vectors for malware and other malicious software.
Normal macOS user accounts have always had restrictions on which files they could access, but the root user, a special user account that has elevated privileges for the purpose of system administration, had no restrictions. Prior to the introduction of System Integrity Protection, any physical user or script that had access to the root account and password effectively had complete access to every area of the system.
Recognizing the potential security issue, along with the fact that most Mac users will never need to access or modify core system files, Apple created System Integrity Protection to block access to key locations and files, even for the root user. These locations include:

/System
/usr
/bin
/sbin
Any application that is pre-installed as part of macOS

With System Integrity Protection enabled, the only way to modify files in these locations is via apps or processes that are signed by Apple with the explicit permission to do so. For example, the Software Update process or Apple’s own application installers. Third party apps and even the Mac’s administrator cannot modify these files under any circumstance. If you attempt to do so, even with a “sudo” command, you’ll simply receive an Operation Not Permitted message.
system integrity protection denied

Should You Disable System Integrity Protection?

As mentioned, System Integrity Protection can cause issues with certain power user workflows or applications that require the ability to modify system files. The good news is that you can disable System Integrity Protection, as long as you’re willing to accept the risk that your Mac will be more vulnerable if you do so. For power users, however, the flexibility to continue to access and modify these files may be worth the risk.
So, in short, if you know for certain that a workflow or app you require relies on access to protected system files, and you understand the risks involved, you’ll likely be OK with disabling System Integrity Protection. But if you don’t know why you need to disable System Integrity Protection, or if you’re just doing it because an app you downloaded told you to, you’re better off keeping it enabled and finding another solution for the app or process you’re trying to accommodate.

Disable System Integrity Protection

  1. To disable System Integrity Protection, boot your Mac into Recovery Mode by pressing and holding the Command and R keys on your keyboard as soon as you hear the boot chime.
  2. Once you’ve booted into Recovery Mode, select Utilities > Terminal from the menu bar at the top of the screen.

    3. mac recovery terminal

  3. To check to see if System Integrity Protection is currently enabled or disabled, use the command csrutil status.

    4. mac verify system integrity protection

  4. To disable System Integrity Protection, use the command csrutil disable. You can re-enable it later by repeating these steps and using the command csrutil enable instead.

    5. mac disable system integrity protection

  5. Once you’ve disabled System Integrity Protection, restart your Mac via the Apple menu.

mac disable system integrity protection restart

Send Email

Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.

You may also like
Outlook Won’t Open – How To Fix

Lee Stanton March 17, 2023

How to Change All Instances in VS Code

Lee Stanton March 16, 2023

How To Connect Multiple Bluetooth Speakers to a TV, PC, or Mobile Device

Lee Stanton March 16, 2023

Send To Someone

Missing Device

    Todays Highlights
    How to Change the Location on a FireStick

    Lee Stanton November 24, 2022

    How to See Google Search History
    How to View Your Google Search History

    Steve Larner March 7, 2023

    How to Change Your User Name in Zoom

    Lee Stanton August 23, 2022

    How to Use Inspect Element

    Lee Stanton August 16, 2022

    how to download photos from google photos
    How to Download Photos from Google Photos

    Cassandra December 3, 2022

    How to Change Your Username on Fortnite

    Lee Stanton February 20, 2023