And SIP doesn't defend you from editing files in /bin. They are guarded by the fact that root filesystem is mounted read-only.