Not possible with SIP. The OS files are read only. Not even root can change them.

Someone else in thread mentions an kext for the iLok dongle AVID uses, so are kexts covered by SIP? Or are they counted as part of the kernel, and thus all powerful?

Looks like some situations AVID requires SIP disabled for external video cards?

So dumb. Why do companies pull this crap instead of fixing their issues with the vendor instead of leaving their users vulnerable

Yeah, that’s exactly what the behaviour sounded like to me too, having inadvertently done this to myself a few times over the years, and given that many autoupdaters run with root permission, it’s perfectly plausible.

Yeah, I think we had that twice: 1. "I can't work if all the NFS mounts empty" 2. "You're aware that closing the GUI empties /home/$(whoami)? Related: Did you see our sysadmin?". Backups are awesome.