The fact that Qole was able to modify the file at all made me realize the file is not protected or hashed. Something that is so ridiculous I did not even previously consider. Congratulations Hawaii, you found the first Aegis "hole" (note: it's so large I believe it may be intentional -- you probably can only modify the file in developer mode).

Therefore, Aegis is now partially defeated -- I am now running the stock kernel in non-enforcing mode. That is, to my knowledge, the nearest thing to open mode that exists: I can run arbitrary binaries as root, I can load new kernel modules, and I can even reenable Aegis if I wanted to.