Okay, so I can write to Applications. But I can't use that ability to install an application that actually has permissions to do anything real, right?
Apple's System Integrity Protection only applies to pre-installed programs. I just now screwed around with the following object and the system let me do it:
/Applications/Firefox.app/Contents/MacOS/firefox
If I can do that from Terminal, then what's to stop some malicious JavaScript from doing that IRL? Once user-installed programs in /Applications are fair game, it becomes much easier to subvert macOS.
By allowing untrusted binaries, you're essentially saying to the world "Go ahead, run any binary you want on my computer as an unprivileged user. macOS will protect my system from you".
Not me. I'd rather make it just that much more difficult to keep malware off my computer. Setting aside everything else, the whole meltdown/spectre thing is enough for me to want to minimize the random untrusted code I run.
And even if macOS itself is safe, those random binaries can still exfiltrate all my user data as an unprivileged user. They can mine Monero. They can participate in a botnet. All of that is possible without subverting macOS.
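A defender-side check for the point made above, added here as an example and not code from the thread: it walks a directory of .app bundles and flags main executables that the current user, group or world could modify (exactly the kind of write the post describes). The two sample bundles it builds are constructed, and the signature step assumes Apple's real `codesign` tool, which only exists on macOS.

```python
#!/usr/bin/env python3
"""Flag /Applications bundles whose main executable an unprivileged user can
overwrite: SIP guards Apple's own paths (/System, /usr, ...), not third-party
bundles, so a writable Contents/MacOS binary is a place for code to hide."""
import os
import shutil
import subprocess
import tempfile
from pathlib import Path

def writable_app_binaries(apps_dir="/Applications"):
    """Return [(bundle, path, reason), ...]; reasons are 'user-writable',
    'group-writable', 'world-writable' and (macOS only) 'codesign-invalid'."""
    findings = []
    for bundle in sorted(Path(apps_dir).glob("*.app")):
        macos = bundle / "Contents" / "MacOS"
        if not macos.is_dir():
            continue
        for binary in sorted(p for p in macos.iterdir() if p.is_file()):
            mode = binary.stat().st_mode
            if os.access(binary, os.W_OK):   # current user could replace it
                findings.append((bundle.name, str(binary), "user-writable"))
            if mode & 0o020:                 # group write bit set
                findings.append((bundle.name, str(binary), "group-writable"))
            if mode & 0o002:                 # world write bit set
                findings.append((bundle.name, str(binary), "world-writable"))
        if shutil.which("codesign"):  # Apple's tool; absent on other OSes
            check = subprocess.run(
                ["codesign", "--verify", "--deep", "--strict", str(bundle)],
                capture_output=True)
            if check.returncode != 0:
                findings.append((bundle.name, str(bundle), "codesign-invalid"))
    return findings

def build_sample_apps(root):
    """Constructed sample, not real apps: 'Loose.app' with a 0o777 binary and
    'Tight.app' with a 0o555 one, laid out like real bundles."""
    for name, mode in (("Loose.app", 0o777), ("Tight.app", 0o555)):
        macos = Path(root) / name / "Contents" / "MacOS"
        macos.mkdir(parents=True)
        binary = macos / name[:-4].lower()
        binary.write_text("#!/bin/sh\necho placeholder\n")
        binary.chmod(mode)
    return root

def demo():
    """Scan the constructed sample in a temp dir and return the findings."""
    with tempfile.TemporaryDirectory() as tmp:
        return writable_app_binaries(build_sample_apps(tmp))
```

Calling `writable_app_binaries()` with no argument scans the real /Applications; the 'user-writable' reason is the one that matters for the scenario above, since a bundle owned by the logged-in user is writable without any privilege escalation.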
No. Just no.