Apparently in the beta there is a command line routine available only when booted from on the Recovery Drive that can turn the Rootless mode on and off. (I cannot verify this as I have not tried it.) Whether it makes it to the release version or not is open to conjecture because it could potentially be used in an exploit. If it remains, that might make it possible/necessary to run SuperDuper, CCC, et. al. from the Recovery Drive or to post process activating the Rootless mode to restore the Rootless mode.
I doubt that would be scriptable in the usual sense since at least two reboots would have to occur, but it might be in the form of a printed set of instruction to the user. Personally I would not want to leave that to the users to perform. Too many would not understand the reason and would ignore it leaving their system in an exploitable state.
Suffice it to say ShirtPocket, Mike Bombich, and a legion of malware developers are working on the problem. Speaking of Mike Bombich when I attempted to launch Carbon Copy Cloner I got a popup saying "CCC is not certified for this version of OS X" and kicked me out to the CCC web site. SuperDuper on the other hand will launch and run in El Capitan.
