Of course, but I was really asking whether, SIP notwithstanding, there are still areas of OS X/macOS in which bad guys can place the sort of malware we've seen over the years...the sort of malware that LS can intercede against?
I don't recall a single such threat having arisen since SIP was instituted.
I reiterate:
Anything the human mind can create the human mind can defeat — eventually. SIP is an excellent safeguard and as you point out is working very well but
it is no panacea. All it takes is one malware developer discovering a hitherto unknown or unexpected vulnerability and as Sherlock Holmes would say, "
The game is afoot".
For the average user the biggest security venerability is their own
ignorance of the threats. For the more technically aware it is
complacence. With that in mind each person must strike their own balance among the competing elements of security, convenience, and usability. I am trying to encourage you to avoid the trap of complacency.
