No one take this personally, just my observations, not directed at anyone specifically.
I found it VERY ironic, even comical, some of the comments posted here. You have people bemoaning that SIP must be disabled, and claiming they can’t / won’t disable SIP because they don’t want the ‘risk’ or their employer doesn’t want the ‘risk’; in short without saying so, they concede the security benefit of why SIP is there in the first place, even if publicly dissing it because of the personal inconvenience it creates.
At the same time, you have folks, including some of the very same people who can’t or refuse to disable SIP, criticizing Apple for having SIP in the first place, or suggesting that Apple allow TF an exception (and by conceit therefore open the door for other developers to want ‘exceptions’), or suggest that Apple permit it to be signed etc, so that TF will run.
I see comments like “Can’t you petition Apple to have TF signed, or why can’t Apple set up a system for ‘legitimate’ programs that modify the operating system to be reviewed and ‘allowed’ through.”
TF as currently written, works because it directly modifies Apple code; this is precisely what malware does and what SIP was created to prevent. This is not a criticism of TF, I love it and use it. Back in the day, it was the easiest and most efficient way for TF to be written based on the intent, a simple dual pane window enhancement to Finder. That’s it, that’s all TF was intended to be, everything else is bells and whistles. At the time modifying Finder was allowed and it worked.
In this case, we as users trust TF and the developer that no harm is done as part of this direct manipulation of Apple code and the operating system. Great. Can the same be said for other developers and other apps? If Apple makes an exception for TF, and sets the precedent that exceptions are given or even possible, how quickly do you think before other developers are going to literally threaten to TEAR down the walls in Cupertino to also be given an ‘exception’. The old saying, What’s good for the goose is good for the gander?
There are literally thousands of apps, many of which, development and functionality would be greatly enhanced and improved ‘if only silly Apple would let us “trusted” developers run amok in the guts of macOS and change whatever we want, when we want’. Who is going to decide who gets keys to the kingdom? You will literally see THOUSANDS of developers submitting claims to be allowed access to bypass SIP. “Hey Apple! You’re going to let some little independent developer selling a $15 utility to bypass SIP or be signed to modify the OS? What about me? My software is responsible for thousands of Macs being bought and used. It would be a lot easier on us if our developers could change the guts of macOS. Here’s $10M, I want keys to the kingdom too.” Folks, you see where that is headed if it ever came about? We’ve seen this on the Windows side too, developers trying to twist Microsoft’s arm because of market power, to be allowed special access, hidden APIs in Windows to make their software better than the competition.
Back to Apple, who is going to TEST all those apps to make sure they aren’t malicious? Who defines WHAT is malicious? Who is going to protect Apple legally the first time one of those apps that gets an ‘exception’ causes tremendous harm, and a user sues Apple for allowing this crap developer and his program access to do what it wanted? And every time such an app is updated, it will have to be ‘recertified’ so to speak. We have already seen documented instances where thieves have spoofed/stolen/hijacked otherwise legitimate signatures and used them to deploy their own malware.
If you have an exception process, then you have completely defeated the purpose of having security systems like SIP and Gatekeeper in the first place. Who is to say this developer’s app and cause is just and non-threatening, but this developer’s is not?
So essentially, there are users who won’t disable SIP personally and assume the risk personally, but want Apple to compromise a security system intended to protect EVERYONE so that ONE specific app will work and the user is still protected from all other apps.
This reminds me of parents who won’t vaccinate their kids because of the ‘risk’, but RELY on the fact that all the other parents vaccinate THEIR kids to thus minimize the risk to the non-vaccinated kids who are open to contracting a disease.
Bottom line, don’t demonize the developers of TF, we should be grateful we have had the use of TF for this long. As Darwin has stated many times, there is no business case to rewrite TF, it is what it is. When the end of the road comes, it comes. Don’t demonize the users unwilling to disable SIP because they won’t accept risk, it’s a choice. Don’t demonize the users who DO disable SIP, just to run TF, it’s a choice. Don’t demonize Apple for having SIP; it is absolutely necessary in this day and age of cyber that systems must be locked down. Stop suggesting that Apple needs to make an exception policy, or allow TF to be signed. Ain’t going to happen for the reasons I listed, and as a Mac user, I DON’T want the system compromised, no matter how much I love TF.
As a techie, I’m comfortable running without SIP, I know where I get my software, I know how to practice safe computing. For the other 99% of everyday non-techie Mac users, no way would I want any compromises to SIP. My wife is SMART, Master’s degree, professional career, but not a techie and doesn’t want her to be. I like the fact that SIP is enabled on her Mac, and she only buys through the App Store, or if unsure, she asks me first before buying / installing. I can’t watch her 24/7 and don’t want to; she’s a grown up and it’s her Mac. So no, she doesn’t use TF because I don’t want SIP turned off on her Mac. She uses one of the ‘alternatives’ on the market and she’s happy with it.
There you have it. You all decide what is best for you and move forward, leave others to their decision and what works for them.