Click For Photo: https://regmedia.co.uk/2016/10/26/brokendoorshutterstock.jpg?x=1200&y=794
An Apple macOS security process called System Integrity Protection can prevent certain apps from being easily uninstalled, which isn't ideal when the code may be vulnerable or malware.
System Integrity Protection, or SIP, has clear benefits for macOS security. Introduced in OS X El Capitan (10.11) in 2015, it applied a new security policy to every process running on the system.
SIP - Attempts - System - Binaries - Apple
SIP attempts to ensure that system binaries can only be modified by Apple's Software Update mechanism or by the app installer if the code is an Apple signed package. It also attempts to prevent runtime attachments and code injection.
Apart from past bugs, SIP – also referred to as "rootless" because of the attribute text used to designate SIP protection – has generally improved macOS security.
Apple - App - Sandboxing - Guidelines - Behavior
Because Apple's app sandboxing and app guidelines already prevent such behavior for apps distributed through the macOS App Store, SIP's primary impact has been on third-party developers distributing their apps outside of Apple's oversight.
Permissionless app distribution isn't possible on iOS without jailbreaking; but on macOS, developers can still distribute code without Apple's blessing, though signing apps with a valid developer identity helps.
MacOS - App - BlueStacks - Android - Apps
The macOS app BlueStacks, which allows Android apps to run on Apple systems, is an example of an app that needs to operate outside of Apple's control because it installs a kernel extension (KEXT) to augment the capabilities of the macOS kernel.
And thanks to SIP, the app's KEXT resists deinstallation.
Wake Up To Breaking News!