SIP Protected macOS Apps

System Integrity Protection (SIP)
While “rootless” was mostly marketing, SIP actually hardened the Mac by preventing modifications to the following locations:

/System
/usr
/bin
/sbin
All apps preinstalled by Apple

The exceptions to the rule are apps or processes that have been signed by Apple and have a special entitlement to write to system files. This includes Apple installers and Apple software update services.

SIP is effective at stopping system locations from being written to by third-party apps and services. Only Apple-signed system processes can write to system locations.

This will find all files (not symlinks) with the executable bit set:

find . -perm +111 -type f

This will also find symlinks (which are often equally important):

find . -perm +111 -type f -or -type l
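
Added example (not from the original post): on macOS, `ls -lO` prints a file-flags column, and SIP-protected items carry the `restricted` flag there. The script below runs the second find expression above (parenthesised for clarity) and labels each hit by that flag; the function names and the sample lines are made up for illustration.

```shell
#!/bin/sh
# Added example: label executables and symlinks under a directory as
# SIP-protected or not, using the file-flags column of macOS `ls -ldO`.

# Succeeds if one `ls -ldO` output line carries the "restricted" flag.
# Field 5 is the comma-separated flag list ("-" when no flags are set).
# Assumes owner and group names contain no spaces.
is_restricted_line() {
    flags=$(printf '%s\n' "$1" | awk '{ print $5 }')
    case ",$flags," in
        *,restricted,*) return 0 ;;
        *)              return 1 ;;
    esac
}

# Walk DIR with the page's find expression and label every hit.
# Needs macOS: BSD find accepts -perm +111 and BSD ls accepts -O.
sip_scan() {
    find "$1" \( -perm +111 -type f \) -or -type l 2>/dev/null |
    while IFS= read -r path; do
        line=$(ls -ldO "$path" 2>/dev/null) || continue
        if is_restricted_line "$line"; then
            printf 'restricted   %s\n' "$path"
        else
            printf 'unprotected  %s\n' "$path"
        fi
    done
}

# Constructed sample lines (not captured from a real system), so the
# classifier can be exercised on any platform.
sample_restricted='-rwxr-xr-x  1 root  wheel  restricted,compressed 150624 Jan  1  2020 /bin/ls'
sample_plain='-rwxr-xr-x  1 user  staff  - 1024 Jan  1  2020 /usr/local/bin/tool'

# Run a real scan only when a directory is given, e.g. sh sip_scan.sh /usr/bin
if [ "$#" -gt 0 ]; then
    sip_scan "$1"
fi
```

The `restricted` flag is only enforced while SIP is enabled, which `csrutil status` reports.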

https://apple.stackexchange.com/questions/116367/find-all-executable-files-within-a-folder-in-terminal
https://krypted.com/mac-os-x/sip-protected-apps-macos/

https://support.apple.com/en-us/HT204899

https://eshop.macsales.com/blog/45473-we-explain-what-system-integrity-protection-on-mac-is-and-how-to-control-it/
