It turns out that even with SIP enabled a regular root user can write to the swapfile under /private/var/vm/swapfile0 on MacOS.
b4a5ae1e05cc0033bf98b39a84490ae7a0a1f8afb83c82d664cc8ddd98121f80
Apple Security Advisory 2017-05-15-1 - macOS 10.12.5 is now available and addresses certificate validation, privilege escalation, and various other vulnerabilities.
c8e7fabadfea08c552a96a322996223bd75739ad1b76b9e5498a79914d41c38a