alt Hacker News> Here’s our first problem, as those are located in the Signed System Volume (SSV), so we can’t change them in any way. The same applies to the other 417 LaunchDaemons and 460 LaunchAgents that account for most of the processes listed by Activity Monitor. In the days before the SSV it was possible to edit their property lists to prevent them from being launched, but that isn’t possible any more when running modern macOS.
SSV can be disabled. It would be ill-advised to do so, but Apple intentionally allows you to do that. In fact you can strip away every single security layer of macOS, including allowing unsigned kernel extensions to be loaded. This document is a bit outdated, but it should still be possible to do all of that. https://gist.github.com/macshome/15f995a4e849acd75caf14f2e50...
Feels like the article is just a cheap dunk on macOS. Has Apple perhaps baked in a bit too much into the SSV? Definitely. Even the Chess.app is in there.
Does it really matter? Almost certainly no.
Replies
Eclecticlight and ‘cheap dunk’ ?
No.
This site is a class of its own, in quality of discussions, in quality of software, and in dedication… many years long, consistent quality
Disabling SSV puts your system security on par with any stock linux distro. Most OSes don’t do a cryptographically verified read only root.
> Feels like the article is just a cheap dunk on macOS.
That blog, Howard Oakley at eclecticlight.co, is consistently the most informative on the internet about macOS behaviors and internals, that Apple does not explain. He is also the author of several useful tools [1] to help observe and understand some of its underlying details. It's maybe the closest we have to a SysInternals for macOS.
[1] https://eclecticlight.co/free-software-menu/