The "File System Protections" section of the System Integrity Protection Guide developer documentation incorrectly lists /Applications/Utilities as being SIP-protected

Number:rdar://22646088 Date Originated:10-Sep-2015 01:59 PM
Status:Closed Resolved:
Product:Documentation Product Version:
Classification:Other Bug Reproducible:Not Applicable
The System Integrity Protection Guide developer documentation includes a section named "File System Protections", which includes the following information:


The following directories can only be written to by the system:

System-Only Locations



Link to "File System Protections" section:

/Applications/Utilities is not listed in /System/Library/Sandbox/rootless.conf as being protected by SIP, though a number of applications within /Applications/Utilities are specified within /System/Library/Sandbox/rootless.conf as being protected.

You can use this command to read which entries in /System/Library/Sandbox/rootless.conf include /Applications/Utilities:

cat /System/Library/Sandbox/rootless.conf | grep "/Applications/Utilities"

The list as of OS X 10.11 GM (15A282b) is below:

/Applications/Utilities/Audio MIDI
/Applications/Utilities/Bluetooth File
/Applications/Utilities/Boot Camp
/Applications/Utilities/Digital Color


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!