If you have Dropbox installed, take a look at System Preferences > Security & Privacy > Accessibility tab (see screenshot above). Notice something? Ever wondered how it got in there? Do you think you might have put that in there yourself after Dropbox asked you for permission to control the computer?
No, I can assure you that your memory isn’t faulty. You don’t remember doing that because Dropbox never presented this dialog to you, as it should have[…]
Indeed, even with your admin password, it still shouldn’t be able to get into Accessibility. Clearly Dropbox’s coders have been doing some OS X hacking on company time.
Furthermore, it doesn’t look like they are storing a copy of your password, as some reports have said—and which would be really, really bad. No, they’ve simply been installing things in a way that lets them retain root privileges so that they don’t have to bug you again when they want to change things up later.
Dropbox could have saved a lot of pain had they just made a first-run dialog that asks if they want to enable certain features…
After a little digging around in Apple’s vast documentation, it occurred to me to check the authorization database and see if that had been tampered with.
The string output for dbfseventsd binary didn’t reveal anything much interesting, but with the deliciously named dbaccessperm file, we finally hit gold and the exact proof I was looking for that Dropbox was using a sql attack on the tcc database to circumvent Apple’s authorization policy[…]
The upshot for me was that I learned a few things about how security and authorisation work on the mac that I didn’t know before investigating what Dropbox was up to. But most of all, I learned that I don’t trust Dropbox at all. Unnecessary privileges and backdooring are what I call untrustworthy behaviour and a clear breach of user trust.
This is an Apple system dialogue box, not a dialogue from Dropbox. Mac OS X requires password authentication for changes to certain permissions, and this dialogue box is a standard way for a Mac OS X app to ask for your permission.
Yes, you can choose to click Cancel rather than approving these additional permissions. However, this means that the Dropbox features listed above will not function on your computer. If you don’t give your approval, you will be asked to enter your username and password again the next time you start or restart Dropbox.
Dropbox uses Apple Mac OS X Accessibility permissions to function properly. Specifically, we use Accessibility APIs for the Dropbox badge (part of Microsoft Office integrations).
You cannot currently disable Accessibility access for the Dropbox Mac OS X desktop app. We realize this isn’t a great experience, and we’re actively working to make this better.
With the release of the latest version of the Mac operating system, 10.12 macOS Sierra, it’s pleasing to see that Apple have fixed a bug I reported against El Capitan in October of last year, and wrote about on this blog here and here.
The TCC database is now under SIP, which means hacking the Accessibility preferences is no longer possible.
Surreptitiously modifying the permissions database is a violation of user trust. It seems to be well-intentioned, but I’m surprised that Dropbox would go to such lengths in order to ease the setup of a feature that probably few of its customers use. I do sympathize, however, as a developer who has had to guide customers through the confusing process of manually granting accessibility permissions.
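An added example, not taken from any of the posts quoted above or from Dropbox: a read-only audit that lists which clients hold an Accessibility grant in a TCC-style database and flags any that are not on an approved list. The `access` table layout, the `kTCCServiceAccessibility` service name and the meaning of the `allowed` and `auth_value` columns are assumptions about the TCC schema, and the bundle IDs and rows are constructed sample data.

```python
import sqlite3

ACCESSIBILITY = "kTCCServiceAccessibility"  # assumed TCC service name


def accessibility_grants(conn):
    """Return [(client, client_type)] rows that are allowed Accessibility."""
    cols = {row[1] for row in conn.execute("PRAGMA table_info(access)")}
    if "allowed" in cols:          # assumed older layout: 1 means granted
        cond = "allowed = 1"
    elif "auth_value" in cols:     # assumed newer layout: 2 means granted
        cond = "auth_value = 2"
    else:
        raise RuntimeError("unrecognised access table layout")
    query = ("SELECT client, client_type FROM access "
             "WHERE service = ? AND " + cond + " ORDER BY client")
    return conn.execute(query, (ACCESSIBILITY,)).fetchall()


def unexpected_grants(conn, approved):
    """Clients with an Accessibility grant that the user never approved."""
    return [c for c, _ in accessibility_grants(conn) if c not in approved]


def sample_db():
    """Constructed in-memory stand-in for a TCC database (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE access (service TEXT, client TEXT, "
                 "client_type INTEGER, allowed INTEGER, prompt_count INTEGER)")
    conn.executemany("INSERT INTO access VALUES (?, ?, ?, ?, ?)", [
        ("kTCCServiceAccessibility", "com.example.texteditor", 0, 1, 1),
        ("kTCCServiceAccessibility", "com.example.syncclient", 0, 1, 1),
        ("kTCCServiceAccessibility", "com.example.denied", 0, 0, 1),
        ("kTCCServiceAddressBook", "com.example.mail", 0, 1, 1),
    ])
    return conn


if __name__ == "__main__":
    approved = {"com.example.texteditor"}  # what the user knowingly enabled
    for client in unexpected_grants(sample_db(), approved):
        print("Accessibility grant not approved by user:", client)
```

On a real Mac the system-wide database is at `/Library/Application Support/com.apple.TCC/TCC.db`; open it read-only with `sqlite3.connect("file:...?mode=ro", uri=True)` from an account permitted to read it.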