Hacker News new | ask | show | jobs
by throwaway32617 3376 days ago
You must not work in an organization that insists on installing security software for you. If I have >2w uptime on my machine I generally have to restart for some reason or other. It's like people have forgotten that computers can and should have more uptime than that.

A faulty update from one of our security software vendors caused a once-per-hour kernel panic and forced reboot for a day or two. It was really nice.

(Obviously none of this is the fault of OSX or Apple but I would kill for 2.5m of uptime on my work laptop).
2 comments
eropple 3376 days ago
I feel you there. It got to the point at one gig where engineering folks--who were given root on their preconfigured laptops--often spent their first day figuring out how to kill and extricate Sophos from their machines. For developers who weren't seasoned jerks, it could be a real challenge until somebody took pity on them and helped them find single-user mode, yank out the kexts, and manually delete everything. (The happy .pkg BOMs helped out, too!)

Ordinarily I wouldn't do this and just punch out on a gig (because seriously, it's that annoying and that effectively-useless), but we were a recently-acquired startup subsidiary, so we were also our own IT shop--the CTO actively approved.

link
i336_ 3375 days ago
Is it still possible to do this kind of thing on the most recent macOS? I recall the issue with the 'git' binary not being modifiable, even with sudo, unless you mounted the macOS filesystem under Linux and made the changes from there.
link
eropple 3374 days ago
You can disable rootless via the recovery partition.
link
i336_ 3374 days ago
Ah, thanks. I'm assuming that quietly got added in after "we can't touch the filesystem at all" caused too many complaints...?
link
eropple 3374 days ago
It was literally there from day one (from day minus-a-bunch if you count the beta releases) and the hyperbolic inanity that led normal people to the misconception you had was never necessary in the first place.
link
i336_ 3374 days ago
Heh. Thanks for the info.

I just checked, I read about this at http://rachelbythebay.com/w/2016/04/17/unprotected/.

I must admit that I am very curious why "git and 64 other files in /usr/bin are all the same size (18176 bytes on my machine)", why dtruss and strings fail, and what behavior changes when you turn rootless off.

link
eridius 3376 days ago
My Macs regularly go for 30-60 days before I restart them, and when I do restart, it's not because the computer is misbehaving.
link