System Integrity Protection is a security technology in OS X El Capitan that's designed to help prevent potentially malicious software from modifying protected files and folders on your Mac.
In OS X, the “root” user account previously had no permission restrictions and could access any system folder or application on your Mac. Software gained root-level access when you entered your administrator name and password to install it and could then modify or overwrite any system file or application.
System Integrity Protection restricts the root account and limits the actions that the root user can perform on protected parts of OS X.
Paths and applications protected by System Integrity Protection include:
- /System
- /usr
- /bin
- /sbin
- Apps that are pre-installed with OS X
Paths and applications that third-party apps and installers can write to include:
- /Applications
- /Library
- /usr/local
System Integrity Protection is designed to allow modifications of these protected parts only by processes that are signed by Apple and have special entitlements to write to system files, like Apple software updates and Apple installers.
Apps that you download from the Mac App Store already work with System Integrity Protection. Other third-party software that conflicts with System Integrity Protection might be set aside when you upgrade to OS X El Capitan.
System Integrity Protection also helps prevent software from changing your startup volume. To boot your Mac from a different volume, you can use the Startup Disk pane in System Preferences or you can hold down the Option key while you reboot, and select a volume from the list.