This is kind of strange.
Since the days of OS X El Capitan, Apple has activated a protection feature called System Integrity Protection, which is designed to keep your Mac safe from malware by restricting the permissions of the root user account and preventing unauthorized access to protected files and folders.
The program runs behind the scenes and is generally enabled by default in Mac running OS X El Capitan. Developer Jonathan Wight noticed that the System Integrity Protection feature has been disabled on newer Macs, prompting developer Steven Troughton-Smith to do an informal Twitter survey asking users about the status of their new machines.
As of now, the System Integrity Protection feature has been found to have been disabled out of the box on a number of 13-inch and 15-inch MacBook Pro notebooks. The issue seems to be sporadic and not all newer MacBook Pro units are affected, but this is still surprising.
Users can check whether SIP is turned on by entering the “csrutil status” command in Terminal. Enabling SIP requires booting into Recovery mode, turning it on using Terminal, and rebooting.
Apple is aware of the issue and will undoubtedly deliver a fix for the issue in an update, but timing for a release is unknown.
Stay tuned for additional details as they become available.
Via MacRumors, Jonathan Wight and developer.apple.com